Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.

Set Password Reset properties

Log in to subscribe to topics and get notified when content changes.

Set Password Reset properties

You can specify properties that configure the Password Reset experience for end users.

Before you begin

Role required: password_reset_admin

About this task

While there are no range limits for the values you can enter for properties, consider using only positive integer values starting at 1. When you determine the limit for the upper range of a property, consider the task that the user is performing.

For example, you would not want to allow 100 attempts for users to verify their identity. A more common value is 3 attempts. Similarly, you may not want to force users who are completing the enrollment process to spend time selecting and answering 30 security questions. The more commonly used number of security questions is between 5 and 7.

Procedure

  1. Navigate to Password Reset > Properties.
  2. Update settings as needed and then click Save.
    Table 1. Password reset properties
    UI text Name Description
    Password Reset Global Properties
    Workflow polling frequency password_reset.wf.refresh_rate Time period between checks on status of the workflow.
    • Type: integer
    • Default value: 90000 (milliseconds)
    Workflow expiration password_reset.wf.timeout Maximum wait time, in milliseconds, for the workflow to execute. The workflow is triggered during the password reset request when the user clicks Submit.
    • Type: integer
    • Default value: 500 (milliseconds)
    Disable captcha validation functionality password_reset.captcha.ignore Enables or disables captcha functionality.
    • Type: true|false
    • Default value: false

    The Password Reset application uses Google re-CAPTCHA as the default CAPTCHA service. To use the base-system CAPTCHA, change the password_reset.captcha.google.enabled system property to false.

    Password Reset Request Properties
    Number of unsuccessful attempts allowed for resetting/changing password password_reset.request.max_attempt Number of password reset attempts a user has before they are locked out for a period determined by the value in max_attempt_window.
    • Type: integer
    • Default value: 3 (attempts)
    Number of minutes a user needs to wait for resetting/changing password after exceeding the maximum allowed unsuccessful attempts password_reset.request.max_attempt_window Time period that a user is blocked or prevented from changing their password after trying the maximum number of times.
    • Type: integer
    • Default value: 1440 (minutes)
    Number of minutes a user needs to wait to reset/change password after the last successful reset/change password_reset.request.success_window Time period that a user must wait to reset their password again after they have successfully reset their password.
    • Type: integer
    • Default value: 1440 (minutes)
    Number of minutes a user needs to wait to start a reset request after the last successful unlock account password_reset.request.unlock_window Time period that a user must wait after a successful unlock operation before starting a new request.
    • Type: integer
    • Default value: 1440 (minutes)
    Number of minutes before a password reset request expires password_reset.request.expiry Time period that a user is allowed to perform the password reset process.
    • Type: integer
    • Default value: 10 (minutes)
    Password Reset Security Question Properties
    Number of security questions required during the password reset request password_reset.qa.num_reset
    Number of questions that a user must answer in order to verify their identity during the password reset process.
    • Type: integer
    • Default value: 3 (questions)
    • Possible values: integers that are less than the number specified for the num_enroll property.
    Note: You can override this security question property by adding the num_reset parameter in the security question verification.
    Number of security questions required during enrollment password_reset.qa.num_enroll
    During the enrollment process, the number of questions that a user must answer to be enrolled in the password reset program.
    • Type: integer
    • Default value: 5 (questions)
    Note: You can override this security question property by adding the num_enroll parameter in the security question verification.
    Password Reset SMS Code Properties
    Maximum number of SMS codes sent for verification per day password_reset.sms.max_per_day
    Maximum number of code numbers that are sent to a user within one 24 hour period. The 24 hour period begins when a user clicks Send Code.
    • Type: integer
    • Default value: 10 (per day)
    Note: You can override this SMS code property by adding the max_per_day parameter in the SMS code verification.
    Number of minutes before the user can attempt to send another SMS code for verification password_reset.sms.pause_window
    Period of time that must pass before another code number can be sent to a user.
    • Type: integer
    • Default value: 2 (minutes)
    Note: You can override this SMS code property by adding the pause_window parameter in the SMS code verification.
    Number of digits in the SMS code sent to the user password_reset.sms.default_complexity
    Number of digits in the code that is sent during the SMS process.
    • Type: integer
    • Default value: 4 (digits)

    You can override this SMS code property by adding the complexity parameter in the SMS code verification.

    Number of minutes before the SMS code expires password_reset.sms.expiry
    Period of time, in minutes, until the code that was sent to the user expires.
    • Type: integer
    • Default value: 5 (minutes)
    Note: You can override this SMS code property by the expiry parameter in the SMS code verification.
    Password Reset Monitoring and Reporting Properties
    Time interval, in minutes, for counting blocked users password_reset.activity_monitor.incident_window Time window to count the number of blocked user.
    • Type: integer
    • Default value: 60 (minutes)
    Number of blocked users, in the defined time interval, that triggers a system log event password_reset.activity_monitor.incident_threshold Number of blocked (or locked) users, within the specified time window, that triggers a system log event.
    • Type: integer
    • Default value: 10 (blocked users)
Feedback