Configure the required strength for passwords

The password that a user defines must meet certain requirements — it must contain at least eight characters, it must include a numeral, and so on. You can configure the requirements as needed for your organization.

Before you begin

Role required: password_reset_admin

About this task

The base system includes example credential stores with various password requirements. You can modify password requirements and provide users with hints for creating password. The default requirements for a new password are:
  • At least eight characters
  • At least one uppercase and one lower case letter
  • At least one numeral
Note: This topic describes the procedure for configuring password strength requirements only. You can configure several other settings for the credential store, as described in Configure and test the Password Reset connection to a credential store.

Procedure

  1. Navigate to Password Reset > Credential Stores.
  2. Select the credential store in the list and then configure the following settings:
    Password rule hint Text that appears on the password reset page to help the user to create a password that meets all requirements. The Password rule script enforces the requirements.
    Note: The Password Reset Windows Application supports newline characters in the hint. Other formatting is not supported (bold, underline, hyperlink, and so on).
    Password rule Client script that validates the password that the user enters. The script is invoked when the user enters a new password and clicks Password Reset. You can use the script to enforce password strength/complexity requirements.
    Enable Password Strength Select the check box to:
    • Display the text box for the Strength rule script so you can update the script.
    • Display the graphical Password Strength bar to the user while the user changes or resets the password.
    Note: The Password Reset Windows Application does not support Password Strength.
    Strength rule This text box appears only if you select Enable Password Strength.
    Note: The Password Reset Windows Application does not support Password Strength.

    Client script that calculates the strength/complexity of the password that the user enters. The script is invoked when the user begins to enter a new password during the reset process.

    Default settings:
    • Selected for local ServiceNow credential stores
    • Not selected for other credential stores
    Note:

    To guide the user during the reset process, the system displays a graphical bar labeled Password Strength under the New password field.

  3. Click Submit.
    You should test the connection to a credential store after you configure a new credential store or when users experience problems that might involve the connection.
  4. Navigate to Password Reset > Credential Stores and then open the credential store.
  5. In the header bar, click Save and Test Connection.
    A progress page displays the result of the test.