Make the Password Reset username limited to the currently logged in user

Rairai31 · ‎08-08-2023

Hi All,

I have this requirement in the Password Reset that users should not be able to reset passwords for other users by supplying a valid username. I have checked the password reset > Processes but not really sure where to configure it. Looking forward to your responses. Thank you.

Utpal Dutta · ‎08-08-2023

Hi there,

With all due respect, I don't think this requirement makes any sense because when you've forgotten your password means you're unable to login then how will the system verify that who is trying to reset the password as the user is not currently logged in/Unknown. So you'll never be able to identify the user with any kind of script.

Please get this requirement validated.

If my answer helps please mark it Helpful or Correct!

Thanks,

Utpal

View solution in original post

Ankur Bawiskar · ‎08-08-2023

@Rairai31

I don't think out of the box there is any validation.

Did you check any password reset related script include where you can check this?

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Rairai31 · ‎08-08-2023

Hi @Ankur Bawiskar , I found this script include - PwdIdentifyViaUsername (I believe this is OOB). But not really sure if this is the one that should be modified.

Ankur Bawiskar · ‎08-09-2023