Trusted mobile devices
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
15 hours ago
Does a trusted mobile device registered by a user ever expire?
We are currently experiencing behavior that appears to indicate the trusted mobile device is expiring or becoming invalid after a period of time. However, we have not been able to identify any configuration, system property, or policy that would cause the trusted device registration to expire automatically.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Hi Buddy,
No — trusted mobile devices dont have a built-in expiration timer in ServiceNow. There isnt a setting, policy, or system property that automatically expires them after X days.
When it looks like a trusted device “expired,” what’s actually happening is that the trust can no longer be validated, so ServiceNow asks for MFA again.
This usually happens if something changes on the user side, like:
Cookies or browser storage being cleared
Using incognito/private mode
Browser updates or switching browsers/devices
It can also happen if something changes on the security side, such as:
A password or MFA reset
SSO or identity provider changes
MFA policy or provider updates
In those cases, the trusted device record may still exist, but the browser can’t prove it’s the same trusted device anymore.
Essentially: trusted devices don’t expire on their own but they do get invalidated when the login or browser context changes which makes it feel like they expired.
@HBauer - Please mark Accepted Solution and Thumbs Up if you found Helpful!
