Self-service Password Reset process: overview The self-service Password Reset process enables a user to reset the password without assistance from service desk agents. This feature works for locally authenticated users who enter the username and password specified in their user record. Users logging in to the instance via an SSO solution or an LDAP integration cannot reset passwords with self-service Password Reset. The user must have notification preferences enabled and configured. See Subscription-based notifications. Administrators can modify the email that is sent to the user. Example: Default self-service password reset flow If a user does not remember the password, the user can click the Forgot Password? link on the login screen. On the Identity page, the user identifies himself or herself by entering a Username. On the Verify page, the user proves that they are the person who is associated with the username. In this example, the user enters the email address that is associated with the user profile. The admin can configure a different verification method or can require additional verifications, for example, a personal question that only the user can answer. The Reset page tells the user to check email for instructions. The user opens the email and clicks the here link to reset the password. The link is valid for 12 hours. The Reset Password page guides the user to reset the password. How password reset works Several components in the Self Service Password Reset (com.snc.password_reset) plugin and the Password Reset (com.glideapp.password_reset) plugin control the password reset flow. Table 1. Properties accessible from the System Properties [sys_properties] table glide.security.forgot_password.display.link If set to true, displays the Forgot Password? link on the login page. Default: true glide.security.password_reset.uri URI that the user is redirected to after they click Forgot Password?. Default: /$pwd_reset.do?sysparm_url=ss_default See Password Reset Properties for a list of all properties. Table 2. Password reset process Name Description Default Self Service The default process from the Password Reset application (com.glideapp.password_reset). This process defines: The URI that specifies where users are redirected when they click Forgot Password?. By default this value is /$pwd_reset.do?sysparm_url=ss_default, which is the same value used in the glide.security.password_reset.uri property. In previous releases, this value was set to /reset_password.do. The Enable Password Reset URL option, which specifies that the user should receive an email with a link to reset their password after they click Forgot Password?. The Personal Data - Enter Email Address verification flow that specifies the three-step password reset flow. See Settings on the Password Reset Details tab for instructions on accessing this form and configuring the fields. Advanced password reset configurationYou can customize the Password Reset and Password Change applications to meet your organization's needs. See Password Reset and Password Change applicationsor more information. Also see Configure Password Reset properties for a list of properties that control several aspects of password reset. Troubleshooting the email notificationIf the instance does not send the email notification to the user: Check the System Event [sys_event] table to see if the email was sent. Verify that the user is subscribed to the notification. Verify that the Default Self Service password reset process and password reset properties are configured correctly.