Password management and two-factor authentication (2FA)

07/05/2026 09:23
Last updated on 07/05/2026 09:23
Pepita Seller Center
2 minutes

    Protecting user accounts and data is extremely important for all of us. Therefore, we have introduced a new password policy and two-factor authentication (2FA) to provide a higher level of security.

    Password validity

    • Current passwords are valid until May 15, 2026
    • After this date, password change is mandatory
    • Passwords can also be changed before the deadline

     Validity period

    • Without 2FA: 90 days
    • With 2FA: 1 year (from the password change date)

    Where to change your password

    The password can be changed in the Pepita admin interface under the Users menu.

    New password requirements

    The new password must meet the following criteria:

    • Minimum 12 and maximum 64 characters
    • Must contain both lowercase and uppercase letters
    • Must include at least one number
    • Must include at least one symbol from: #, $, @, _
    • Must not contain the same character three times consecutively
    • Must not include the local part of the email address
    • Must not be one of the last 5 previously used passwords

    Two-factor authentication (2FA)

    2FA adds an extra layer of security to the login process, protecting accounts even if the password is compromised.

    Activating 2FA

    1. After login:
      • Users → Two-factor authentication
    2. Click “Enable 2FA”
    3. Scan the QR code using an authenticator app (e.g. Microsoft Authenticator)
    4. Enter the 6-digit code generated by the app

    Multi-device usage

    • 2FA can be used on multiple devices
    • This is only possible if the QR code is scanned on multiple devices during activation
    • Adding a new device later requires reactivation

    One-time password (OTP)

    • Can be used as an alternative to the authenticator app
    • The code is sent to the central login email address
    • Available only together with 2FA

    Important information

    • There is still a central login email address per account
    • Without 2FA: password expires every 3 months
    • With 2FA: password expires after 1 year
    • 2FA cannot be disabled once activated

    Account recovery

    If you lose access to your authenticator app:

    • Recovery is handled by the Pepita Seller Support team
    • The secret key can be reset and 2FA reconfigured

    Login process

    • Password + 2FA app code or
    • Password + OTP sent via email
    Pepita Group Zrt. – Password Management Admin PolicyLetöltés
    Leave a Reply 0

    Your email address will not be published. Required fields are marked *