Password Reset and Password Change applications

The Password Reset application allows end users to use a self-service process to reset their own passwords on the local ServiceNow instance. Alternatively, your organization can implement a process that requires service-desk personnel to reset passwords for end users.

Password Change application

The Password Change application extends the Password Reset application by letting admins define how users change their passwords.

Types of process for Password Reset

  • Self-service process: Users reset their password over the Internet using a browser. The self-service process is supported on all supported interfaces, including mobile devices.
  • Service-desk password reset process: Users reset their passwords with the assistance of a service-desk employee, over the phone or in person.

Watch the video: Introducing Password Reset (Video).

Elements of a password reset process

Users with the password_reset_admin role can configure one or more password reset processes to connect the user names and passwords of a group of people with:
  • A credential store where user credentials (like username/password) are securely stored
  • One or more verifications that the admin specifies. For example, answering a personal question that only the user knows how to answer or responding to the system with a code number that is sent to a pre-authorized SMS device like a cellular phone or tablet.
.
Figure 1. Password reset process
Elements of a password reset process

Implementing a password reset process

  • Plan to ensure that all applicable organizational guidelines, security policies, and areas of the organization are considered.
  • Set up the password reset and password change processes according to the plan.
  • In the service-desk model, service-desk employees monitor and reset passwords as needed.
  • Monitor password reset activity to identify security threats and to ensure compliance with the organization's password policy requirements.

Password Reset Orchestration Add-on

You can also subscribe to the Password Reset Orchestration Add-on plugin (com.glideapp.password_reset.addon.orchestration), which provides the ability to reset passwords on Active Directory and other credential stores. Orchestration is available as a separate subscription.