Password Policy Help
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2023 03:35 AM
Hi all,
Is there a way to update the password policy to include a maximum length of 5 lowercase characters?
The full requirements:
Minimum Password Length: 8
Minimum Uppercase Characters: 1
Maximum Lowercase Characters: 5
Minimum Numeric Characters: 1
Minimum Special Characters: 1
Thanks!
- Labels:
-
Password Reset
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2023 03:46 AM
Hello,
Change your password strength preset to custom then you will be able to update it.
Please mark my answer as correct based on Impact.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-08-2023 03:52 AM
Hi,
Thanks for your reply, however I have tried this. There is no option for Maximum Lowercase Characters.
Is there any way this can be done?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-20-2024 05:06 PM
For anyone looking for a more elaborate policy password, in particular rule 7, to exclude any passwords that contain certain words (foo or bar). This behaves differently to the excluded password list of direct matches.
//ADD RULES LIKE THIS 'var rule1 = {'hint': gs.getMessage('Minimum 8 characters'),'regex':'^.{8,}$'};'
//AND PUSH THEM IN THE RULES ARRAY FOR ADDING NEW RULES.
(function executePasswordRuleScript() {
var rules = new Array();
var rule1 = {'hint': gs.getMessage('Minimum 9 characters'),'regex':'^.{9,}$'};
var rule2 = {'hint': gs.getMessage('Minimum 1 lowercase character'),'regex':'((.*?[a-z]).*?)'};
var rule3 = {'hint': gs.getMessage('Minimum 1 uppercase character'),'regex':'((.*?[A-Z]).*?)'};
var rule4 = {'hint': gs.getMessage('Minimum 1 number'),'regex':'((.*?[0-9]).*?)'};
var rule5 = {'hint': gs.getMessage('Minimum 1 special character'),'regex': '((.*?[@$#!%^&*]).*?)'};
var rule6 = {'hint': gs.getMessage('Maximum 100 characters'),'regex':'^.{0,100}$'};
var rule7 = {'hint': gs.getMessage('Do not include "rest" or "super"'),'regex': '(?i)^((?!foo|bar).)*$'};
rules.push(rule1, rule2, rule3, rule4, rule5, rule6, rule7);
return rules;
})();
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-20-2024 09:10 PM
Hello @joelmcm
Have a look -https://docs.servicenow.com/bundle/vancouver-platform-security/page/integrate/authentication/task/enable-password-policies.html
Note: The Password Policy plugin (com.glide.password_policy) is enabled by default. The policy goes into effect when a user changes or resets the password.
The Password Strength Preset field is automatically set to Default Strong. If you want to add new criteria, you can perform the following procedure.
Procedure
Navigate to All > Password Policy > Password Policies.
Click New.
Specify the Name for your password policy.
In the Password Policy Criteria section, select one of the following presets from the Password Strength Preset field.
5. To change the password policy navigate to All > Password Reset > Credentials Stores, select the credentials
PFB for password change policy.
Please mark my answer correct and helpful if it solves your problem.
Regards,