Password Reset and Password Change applications The ServiceNow® Password Reset application enables an end user to use a self-service process to reset the password. Alternatively, your organization can implement a process that requires a service desk agent to reset passwords for end users. Watch the video: Introducing Password Reset (Video) Password Reset processesUsers with the password_reset_admin role can configure one or more of the following types of password reset process: Self-service process: Users reset passwords over the Internet using a browser on any supported interface, including mobile devices. Service desk-assisted process: A user requests the assistance of a service desk agent, over the phone or in person. Users do not reset passwords. Elements of a password reset process A credential store where user credentials (like username/password) are securely stored. One or more user groups on the ServiceNow instance that can use the password reset process. One or more verifications—methods to verify the identity of the person who is attempting to reset the password. Examples: Answer a question that only the user knows how to answer. This verification is called the QA Verification and is based on the Personal Data verification type. Respond to the system with a code number that is sent to a pre-authorized SMS-capable device like a cellular phone or tablet. This verification is called the SMS Verification and is based on the SMS Code verification type. Implementing a password reset process Plan your implementation: Ensure that all applicable organizational guidelines, security policies, and areas of the organization are considered. Set up the password reset and password change processes according to the plan. In the service desk-assisted model, service desk agents monitor and reset passwords as needed. Monitor password reset activity to identify security threats and to ensure compliance with the password policy requirements of the organization. Password Reset Windows Application If a user forgets the password or gets locked out of their Windows computer, the user can reset the password directly from the Windows login screen. The user clicks the Forgot Password? link and is then guided through the process of resetting the password. Learn more on the ServiceNow Knowledge Base. If you do not have access, contact your ServiceNow administrator. Domain separation A password reset process that you define in any domain is isolated from a process that you create in any other domain. Features: Password Reset Admin service desk roles. sys-overides column on process tables (business rules, UI actions, and so on). unique constraints on names within a domain. domain column in all Password Reset tables. Limitations: The Password Reset application is built using Orchestration. Orchestration does not fully support domain separation. Password Reset Orchestration Add-onYou can subscribe to the Password Reset Orchestration Add-on plugin (com.glideapp.password_reset.addon.orchestration), to add support for using Active Directory and other credential store types. Orchestration is available as a separate subscription. Password Change applicationThe Password Change application extends the Password Reset application by letting admins define how users change their passwords. Only a self-service process is supported and an admin must publish the URL to the password change form. The user logs in to the instance and then selects the Change Password module or link from the user profile record. On the Change Password page, the user selects the credential store where the password resides. The user enters the old password and then enters and confirms a new password. Workflows validate the old password and then implement the new password. The system notifies the user that the password was changed. Activate the Password Reset applicationPassword Reset for your instance is active by default and includes example verifications.Plan your Password Reset processesTo ensure security and efficiency, take the time to plan your Password Reset implementation.Configure your Password Reset or Password Change processTo implement the process, you configure credentials, verifications, and users.Reset a password for a userIn a service desk-assisted Password Reset process, service desk agents with the password_reset_service_desk role reset user passwords. Users do not reset passwords. Watch a video example of service desk agents resetting passwords: Resetting User Passwords (Video).Password Reset and Password Change reports and logsThe Password Reset application provides several tools for monitoring and troubleshooting password reset activities.Users: Reset your password on Windows systemsIf your organization has configured the ServiceNow Password Reset Windows Application, you can reset your password directly from your Windows login screen.Users: Enroll in the Password Reset programSome organizations auto-enroll users in a Password Reset program. Your organization could offer you the option to enroll for one or more methods of verifying your identity while you are resetting your password.