- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-24-2016 06:02 PM
Hi folks,
Just been asked by my colleague who is a Functional Spec Analyst who is writing a documentation about ServiceNow Security, one requirement is about two layers security protection, I know ServiceNow has username and password to identify a user identity, but wonder if there is a security questions mechanism also to enhance the security in Fuji release.
Any input would be appreciated.
Kind regards,
George
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-25-2016 12:13 AM
Hi George,
You could also write your own code to present another challenge at login, if you have a table with security questions stored for the users.
- Look in the module "Installation Exits" and you can find the login script being used on your instance (it might just be "Login", or it could be one of the SSO scripts if you're using something like that).
- You can insert some functionality in this login script to query the security questions table on the username provided and prompt for an answer. Then either allow the login to proceed or force it to fail, depending on their success.
Good luck,
-Brian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-24-2016 11:53 PM
Hi George,
Currently ServiceNow doesn't supports 2 factor authentication in Fuji release, but it has a plugin for it in Geneva (Activate multifactor authenticator ).
For Fuji, I've seen some customers using SecureAuth but I've not configured it so not sure how good it is:
Regards,
Sergiu
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-25-2016 12:13 AM
Hi George,
You could also write your own code to present another challenge at login, if you have a table with security questions stored for the users.
- Look in the module "Installation Exits" and you can find the login script being used on your instance (it might just be "Login", or it could be one of the SSO scripts if you're using something like that).
- You can insert some functionality in this login script to query the security questions table on the username provided and prompt for an answer. Then either allow the login to proceed or force it to fail, depending on their success.
Good luck,
-Brian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-26-2016 09:16 PM
Thanks Brain. I was able to locate the Installation Exits -> Logon, and modify the scripts. I will leave it for now, as this question was for documentation purposes asked by my colleague.
Thanks for your assistance.
Kind regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-15-2024 06:16 AM
How i can make that logic if i need 2 face authentication I have same requirement
1 simple username and password
2 Security qiestion which user set first time they login
