Settings on the Password Reset Details tab

The settings define the user experience when resetting or changing a password.

The Password Reset Details tab appears when you are configuring a Password Reset process (Password Reset > Processes).
Table 1. Password Reset Details tab
Field Description
Public access

The check box is available only when Password reset is selected.

  • Clear the check box to define a service desk-assisted process in which only service desk agents and not users can reset a password.
  • Select the check box to enable a self-service process with public user access to the Password Reset or Password Change form through a URL.
Public URL

This field is available only when Public access is selected.

URL of the page where users go to reset or change the password. The value from the URL suffix field is appended to the URL when you tab out of the URL suffix field. For the Default self-service Password Reset process, this value must be /$pwd_reset.do?sysparm_url=default.

URL suffix

This field is available only when Public access is selected.

Suffix used to create a unique URL for the Password Reset or Password Change form.

Display CAPTCHA

This check box is available only when Public access is selected.

Select the check box to display a CAPTCHA on the user identification page.

The Password Reset application uses Google reCAPTCHA as the default CAPTCHA service. See Configure Google reCAPTCHA.

Note: The Password Reset Windows Application uses the base-system CAPTCHA service even if the Password Reset application is configured to use Google reCAPTCHA.
To use the CAPTCHA service that is provided with the base system, change the password_reset.captcha.google.enabled system property to false.
Note: Because on-premises instances do not have access to the Internet, they cannot use the Google reCAPTCHA service. Set the password_reset.captcha.google.enabled property to false for on-premises instances.
Identification type Method that the user employs to claim their identity for the public Password Reset or Password Change process. Any selection overrides the default identification that is associated with the process.

The base system includes the Email and Username Identification identification types. You can create a custom identification type (some knowledge of JavaScript is recommended).

See Personal data identification types and confirmation type verifications.

Minimum verifications Number of verifications that a user must successfully submit to reset the password.

If the number exceeds the number of mandatory verifications, then the user must submit enough additional optional verifications to meet the number specified for Minimum verifications.

By default during the password reset process, the system presents optional verifications to the user based on the Order values for the verifications.

Note: Each user must submit all mandatory verifications regardless of the number specified.
Email Password Reset URL Select the check box to enable users to reset the password by clicking a link in an email that the instance sends to them. By default, the self-service Password Reset processes enable this option.
When you select this option, the Auto-generate password check box is not available.
Note: See Self-service Password Reset process: overview for an outline of the process that is enabled by default.
Enable account unlock

This check box is available only when Password reset is selected.

Select the check box to allow user accounts on credential stores to be unlocked without resetting the password.

Note: Not supported by the default self-service Password Reset process.
Unlock user account Select the check box to unlock user accounts on credential stores after a password reset.
Auto-generate password This check box is available only when:
  • The Password reset check box is selected.
  • The Email Password Reset URL check box is not selected

Select the check box to auto-generate a new password for the user. When this check box is selected, you must select the Email password or Display password check box, or both. This setting is useful for service desk-assisted processes.

Note: Clear the check box to enable the Enforce history policy option for a credential store. See Configure and test the Password Reset connection to a credential store.
User must reset password

This check box is available only when Auto-generate password is selected.

Select the check box to require users to reset their password immediately after logging in with the auto-generated password.
Note: Users whose credentials are held in the local ServiceNow instance credential store are prompted to change their password the first time that they log in. Users whose credentials are held in an Active Directory credential store are not prompted to change their passwords in the instance. Such users must change their passwords from a computer on the domain.
Display password

This check box is available only when Auto-generate password is selected.

Select the check box to display the new password on the screen. In a self-service process, the password appears on the user screen. In a service desk-assisted process, the password appears on the service desk agent screen.
Email password

This check box is available only when Auto-generate password is selected.

Select the check box to email the new password to the user. The setting is useful in both self-service and service desk-assisted processes. The setting can add a layer of security by requiring that users access their email to view the password. In a service desk-assisted process, emailing the password to users ensures that only the user requesting the password reset can view the password.

Related lists
Verifications

This related list is available only after the record has been saved.

One or more verifications that the process uses. See Password Reset verifications.

Groups

The Groups related list is available only after the record has been saved and if the Apply to all users check box is cleared.

ServiceNow user groups to associate with the Password Reset process.