Community Alums
Hello community!

 

In today's digital landscape, where security is paramount, ServiceNow stands as a guardian for your organization's vital data. Preventing weak passwords and ensuring strong authentication is key to safeguarding your ServiceNow instance. Let's embark on a journey to create a robust password policy, step by step, and explore how to exclude common passwords, ensuring your fortress remains impenetrable. Your organization's data is invaluable; let's protect it effectively.
 
The steps to create a strong password policy in ServiceNow:

1. Access Password Policies
In the ServiceNow menu, type "Password Policies" in the search bar and select it.

Password Policy > Password Policies

2. Create a New Policy

Click "New" to start creating a new password policy.

3. Define the Policy
Fill in the remaining fields on the form:

| Field | Description |
| --- | --- |
| Name | Give your policy a clear name, such as "Strong Password Policy". |
| Minimum Password Length | Set the minimum password length to 8–10 characters. This option is visible for all presets except the Advanced preset. |
| Maximum Password Length | Set this field to a maximum of 100 characters. This option is displayed for all presets except Advanced. |
| Minimum Uppercase Character(s) | Set the minimum number of uppercase characters in the password, from 0 to 10. |
| Minimum Lowercase Character(s) | Set the minimum number of lowercase characters in the password, from 0 to 10. |
| Minimum Numeric Character(s) | Set the minimum number of numeric characters in the password, from 0 to 10. |
| Minimum Special Character(s) | Set the minimum number of special characters in the password, from 0 to 10. |
| Included Special Characters | Enter the special characters that users may use, without any separators. For instance, if you specify "$" and "!", users will only be able to use these two special characters in their passwords. All other special characters will be prohibited. |
| Excluded Special Characters | Note: This option is available if the glide.password_policy.use_excluded_special_char property is enabled. Enter the special characters to prohibit, such as '@', '$', and '!', as a set without delimiters. Users will then be unable to include these special characters in their passwords. |
| Disallow User Data | You have the option to disallow authentication-related user data. |
| Sequence Length Threshold | The sequence length of your password. |
| Repetition Length Threshold | The repetition length of your password. |
| Test Your Password | Specify your actual password in this field. |

Note:
Both the sequence length threshold and the repetition length threshold can have a maximum of eight characters. These fields let you limit weak password combinations with predictable and repetitive sequences, such as "123456", "qwerty", "!@#$%^", "aaaaa", and more. When the Password Strength Preset is set to Default Strong, both the sequence length threshold and the repetition length threshold are automatically set to four characters.

 

4. Click Test Your Password

After setting your preferences, click "Submit" or "Save" to save the policy.
5. After validating the policy, click submit to submit the.
6. Done!
Note: Remember to test your password before submitting.
Helpful tip:
You can exclude common passwords by adding them to the "blacklisted_password" table.
Navigate to "Password Policy > Excluded Password"
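
To see how the fields above interact before entering them on the form, the rules can be approximated offline. The JavaScript below is an added example, not ServiceNow code and not part of the original post. The policy values, the sample excluded entries, the sequence alphabets, and the rule that a run of threshold-or-more characters fails are all assumptions.

```javascript
// Added example: offline approximation of the policy fields described above.
// The matching rules are assumptions, not ServiceNow's own implementation.
const policy = {
  minLength: 10, maxLength: 100,
  minUpper: 1, minLower: 1, minNumeric: 1, minSpecial: 1,
  includedSpecial: "$!",      // only these special characters are allowed
  sequenceThreshold: 4,       // value the page gives for Default Strong
  repetitionThreshold: 4,
  excluded: ["Password$1234", "Welcome!2023"], // constructed sample entries
};

// Assumed sequence alphabets: digits, letters, keyboard rows, shifted digit row.
const SEQUENCES = ["0123456789", "abcdefghijklmnopqrstuvwxyz",
  "qwertyuiop", "asdfghjkl", "zxcvbnm", "!@#$%^&*()"];

const count = (pw, re) => (pw.match(re) || []).length;

// True if any n-character window is a forward or reversed run of an alphabet.
function hasSequence(pw, n) {
  if (n < 2) return false;    // assumption: a threshold below 2 disables the check
  const lower = pw.toLowerCase();
  for (let i = 0; i + n <= lower.length; i++) {
    const chunk = lower.slice(i, i + n);
    const rev = [...chunk].reverse().join("");
    if (SEQUENCES.some((s) => s.includes(chunk) || s.includes(rev))) return true;
  }
  return false;
}

// True if one character repeats n or more times in a row.
function hasRepetition(pw, n) {
  return n >= 2 && new RegExp("(.)\\1{" + (n - 1) + ",}").test(pw);
}

// Returns the list of rules the candidate violates (empty means compliant).
function checkPassword(pw, p) {
  const errors = [];
  const specials = [...pw.replace(/[A-Za-z0-9]/g, "")];
  if (pw.length < p.minLength) errors.push("too short");
  if (pw.length > p.maxLength) errors.push("too long");
  if (count(pw, /[A-Z]/g) < p.minUpper) errors.push("uppercase");
  if (count(pw, /[a-z]/g) < p.minLower) errors.push("lowercase");
  if (count(pw, /[0-9]/g) < p.minNumeric) errors.push("numeric");
  if (specials.length < p.minSpecial) errors.push("special");
  if (specials.some((c) => !p.includedSpecial.includes(c))) errors.push("special not allowed");
  if (hasSequence(pw, p.sequenceThreshold)) errors.push("sequence");
  if (hasRepetition(pw, p.repetitionThreshold)) errors.push("repetition");
  if (p.excluded.some((x) => x.toLowerCase() === pw.toLowerCase())) errors.push("excluded");
  return errors;
}
```

A candidate such as "Qwerty!!aaaa1" meets every character-class minimum yet still fails on both the sequence and the repetition thresholds, which is the gap those two fields close.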

 

If this helped you in any way, please hit the like button or mark it helpful, so that it helps others find the correct solution.

 

Regards,
Prasad
Version history
Last update:
‎10-15-2023 04:19 AM
Updated by:
Community Alums