Failed Login Attempts not logged in the user table

Tony Santos1 · ‎10-05-2018

When a user attempts to log into our Servicenow instance with incorrect credentials the login.failed event gets triggered however the user never gets locked. The user should be locked out after 3 login attempts.

In the password reset properties the value "Number of unsuccessful attempts allowed for resetting/changing password" is set to 3. I'm able to login immediately after 4 incorrect login attempts. When I look at the failed login attempts column in the users table I'm not finding any values. Is there something I need to turn on in order to start tracking?

SanjivMeher · ‎10-05-2018

You will have to activate below script action

Reference: https://docs.servicenow.com/bundle/london-servicenow-platform/page/administer/security/task/t_Lockou...

Please mark this response as correct or helpful if it assisted you with your question.

View solution in original post

SanjivMeher · ‎10-05-2018

Do you have SSO or LDAP enabled. Because the lockout will depend upon that.

The ServiceNow settings should apply to local account

Please mark this response as correct or helpful if it assisted you with your question.

Tony Santos1 · ‎10-05-2018

No LDAP or SSO in our instance.

SanjivMeher · ‎10-05-2018

You will have to activate below script action

Reference: https://docs.servicenow.com/bundle/london-servicenow-platform/page/administer/security/task/t_Lockou...

Please mark this response as correct or helpful if it assisted you with your question.

Tony Santos1 · ‎10-05-2018

A had actually already done this a little earlier and was about to mention it before your last reply. I did this in my personal development instance as a test and it didn't work initially but after about an hour it just started to work. The personal instances for some reason don't always take changes right away. I'm going to try this in my companies dev instance now. Thanks for your help