Public access
The check box is available only when Password
reset is selected.
Select the check box to enable a self-service
process with public user access to the Password Reset or Password Change form through a URL.
Clear the check box to define a Service
desk-assisted process in which only service desk
agents can reset a password at the request of a
user.
Public URL
The field is available only when Public
access is selected.
URL of the page where users go to reset or change the
password. The value from the URL suffix field is
appended to the URL when you tab out of the URL suffix
field. For the Default self-service Password Reset process, this value must be
/$pwd_reset.do?sysparm_url=ss_default .
URL suffix
The field is available only when Public
access is selected.
Suffix used to create a unique URL for the Password Reset or Password Change form.
Display CAPTCHA
The check box is available only when Public
access is selected.
Select the check
box to display a CAPTCHA on the user identification page.
The Password Reset application uses Google reCAPTCHA as the default
CAPTCHA service. See Configure Google reCAPTCHA for the password reset process .
Note: The Password Reset Windows Application uses the base-system CAPTCHA service even if the Password Reset application is configured to use Google reCAPTCHA.
Because on-premises instances do not have
access to the Internet, the instances cannot use the
Google reCAPTCHA service. Set the
password_reset.captcha.google.enabled
system property to false for
on-premises instances.
To use the base system CAPTCHA, change the
password_reset.captcha.google.enabled system property to
false .
Identification type
Method that the user employs to claim identity for the
public Password Reset or Password Change process. Any selection overrides the
default identification that is associated with the process.
The base system includes the Email and Username Identification
identification types. You can create a custom
identification type (some knowledge of JavaScript is
recommended).
See Personal data identification types and confirmation type verifications .
Post-reset
URL
URL to go to after a
successfully resetting a password — typically, the URL of
the original login page. Enter a complete path, including
the protocol (for example, https://myDomain.myURL.com).
If the path is under the same domain as the
Public URL , then start the
path with the / character.
Note: If the
Auto-generate password check
box is selected, then the instance displays the new
password. The user must click
Done to go to the
URL.
Minimum verifications
Number of verifications that a user must successfully
submit to reset the password. If the number exceeds the
number of mandatory verifications, then the user must
submit enough additional optional verifications to meet
the number specified for Minimum
verifications .
Note: Each user must
submit all mandatory verifications regardless of the
number specified.
By default, during the
password reset process, the system presents optional
verifications to the user based on the
Order values for the
verifications. If you selected Allow user to
choose from optional verifications , then
the Verification page presents all optional
verifications to the user. The user then selects the
appropriate number of verifications. In this example,
the Minimum verifications value
is 1 . Because no mandatory
verifications are configured, the user can choose an
optional verification.
Also, see Allow
user to choose from optional
verifications .
Allow user to choose from optional
verifications
Select the check box to enable a user, on the
Verifications page during the process of resetting the
password, to select which optional verifications to use. The
choice of optional verifications appears only if the
Minimum verifications setting is
greater than the number of mandatory verifications. The
number that you specify for Minimum
verifications determines how many
optional verifications that the user is allowed to
select.
In the example, the
Minimum
verifications setting is
2 and there are no mandatory
verifications. The user has selected two optional
verifications, so cannot select a third
verification.
Email Password Reset URL
Select the check box to enable users to reset the
password by clicking a link in an email that the instance
sends to them. By default, the self-service Password Reset processes enable this option. When you select this
option, the
Auto-generate
password check box is not
available.
Enable account unlock
This check box is available only when Password
reset is selected.
Select the check box to allow user accounts on credential
stores to be unlocked without resetting the
password.
Note: Not supported by the default self-service Password Reset process.
Unlock user account
Select the check box to unlock user accounts on
credential stores after a password reset.
Auto-generate password
Select the check box to auto-generate a new password
for the user. When this check box is selected, you must
select the Email password or
Display password check box,
or both. This setting is useful for service
desk-assisted processes.
This check box is available
only when:
The Password reset check box
is selected.
The Email Password Reset URL
check box is cleared.
User must reset password
This check box is available only when
Auto-generate password is
selected.
Select the check box to require users to reset their
password immediately after logging in with the
auto-generated password.
Note: Users whose credentials
are held in the local ServiceNow instance credential store are prompted to change
their password the first time that they log in.
Users whose credentials are held in an Active
Directory credential store are not prompted to
change their passwords in the instance. Such users
must change their passwords from a computer on the
domain.
Display password
This check box is available only when
Auto-generate password is
selected.
Select the check box to display the new
password on the screen. In a self-service process, the
password appears on the user screen. In a service
desk-assisted process, the password appears on the service
desk agent screen.
Email password
This check box is available only when
Auto-generate password is
selected.
Select the check box to email the new password to the
user. The setting is useful in both self-service and
service desk-assisted processes. The setting can add a
layer of security by requiring that users access their
email to view the password. In a service desk-assisted
process, emailing the password to users ensures that
only the user requesting the password reset can view the
password.