Configure password expiration reminder
-
- UpdatedJan 30, 2025
- 2 minutes to read
- Yokohama
- Password Reset Application
You can configure the password reset expiration reminder feature to send notifications to change or reset a user’s password whenever it is going to expire.
Before you begin
You must enable the pwd_reset.enable.password_expiration_reminder property to configure password expiration reminder. By default, this property is turned off.
Role required: admin
About this task
After configuring password expiration reminder, notifications are sent to users by different channels, such as emails, text messages, or actionable virtual agent notifications. Users get an option to reset or change the password through notifications, such as a link that users can select to reset or change the password.
Procedure
Related Content
- Credential stores for Password Reset
Credential stores hold user information such as user names and passwords that can be used as login credentials. Examples include the User table [sys_user] or an Active Directory server.
- Password Reset verifications
Each verification specifies the method and process for verifying the identity of the user that is requesting a password reset.
- Configure your Password Reset process to auto-enroll users
To simplify management, many organizations auto-enroll users in the Password Reset program. Every base-system verification type enables you to specify automatic enrollment for your process.
- Enable users to enroll for Password Reset
To enable users to enroll for the Password Reset program, you specify a UI macro that takes the user through the enrollment process and a script that processes the enrollment data that the user entered. The base system includes a functioning macro and script.
- Configuring Password Reset properties
You can specify properties that configure the Password Reset experience for end users.
- Send email to remind users to enroll for Password Reset
You can automatically send messages that remind users to enrolled in the Password Reset process. You specify the text of the message and can configure the messages to repeat at intervals.
- Configure the required strength for passwords
The password that a user defines must meet certain requirements — for example, it must contain at least 12 characters, it must include a numeral, and so on. You can configure the requirements as needed for your organization.
- Specify lockout for failed login attempts
The system provides inactive script actions that enable you to specify the number of failed login attempts before a user account is locked and to reset the count after a successful login.
- Configure Google reCAPTCHA for the password reset process
To use the Google reCAPTCHA service, instances that are running on a domain other than service-now.com require an API key pair from Google.
- System properties for password expiration
You can configure the system properties that support operations in password expiration.