Is there info available on 'Password', 'Password2' Field Types?

nasa
Kilo Contributor

I am exploring options for a password storage solution. I observed there are 2 data types
Password
Password2

I was unable to find any documentaion on this. Has somebody used these fields or built a solution for password storage?
Interested to hear any leads on the same

4 REPLIES 4

tony_fugere
Mega Guru

I believe ServiceNow just has two types of passwords based on new features and legacy compatibility. New password fields should use password2, but password type is available so the original fields still work.

Take a look at the system and you'll see there are a few things happening here:

1. The display is different:
find_real_file.png

2. The encryption is different, but I'm not sure which protocols are being used. Check this out. I added two custom fields to the User table and put in "test1" as the "password" for each field.



var user = new GlideRecord('sys_user');
user.get('user_name', 'admin');
gs.print('Password 1: ' + user.u_password_1);
gs.print('Password 2: ' + user.u_password_2);

Output:


*** Script: Password 1: tESsBmE/yNY3lb6a0L6vVQEZNqw=
*** Script: Password 2: bVh6Su72cbI=


nasa
Kilo Contributor

Thanks a lot Tony for the update.


I believe ServiceNow just has two types of passwords based on new features and legacy compatibility. New password fields should use password2, but password type is available so the original fields still work.



I know this thread is a bit old, but thought I would provide additional info regarding 'password' field types for future readers. According to the wiki, 'password' is fundamentally different than the 'password2' data type. I would recommend choosing an appropriate field type based on the data being stored and your needs.


Password (1 Way Encrypted)Text field that stores passwords with one-way encryption. One-way encryption stores the password as a secure hash value that cannot be decrypted.
Password (2 Way Encrypted)Text field that stores passwords with two-way encryption. Two-way encryption stores the password as a secure encrypted value that can be decrypted programmatically within the instance.

Introduction to Fields - ServiceNow Wiki


Here I am 10 years later appreciating this post, thank you!