Password Policy Help

joelmcm
Tera Contributor

Hi all,

 

Is there a way to update the password policy to include a maximum length of 5 lowercase characters?

 

The full requirements:

 

Minimum Password Length: 8
Minimum Uppercase Characters: 1
Maximum Lowercase Characters: 5
Minimum Numeric Characters: 1
Minimum Special Characters: 1

 

Thanks!

4 REPLIES 4

Saurav11
Kilo Patron
Kilo Patron

Hello,

 

Change your password strength preset to custom then you will be able to update it.

 

Saurav11_0-1686221148527.png

 

Please mark my answer as correct based on Impact.

joelmcm
Tera Contributor

Hi,

Thanks for your reply, however I have tried this. There is no option for Maximum Lowercase Characters.

Is there any way this can be done?

tannerro
Tera Contributor

For anyone looking for a more elaborate policy password, in particular rule 7, to exclude any passwords that contain certain words (foo or bar). This behaves differently to the excluded password list of direct matches.

 

//ADD RULES LIKE THIS 'var rule1 = {'hint': gs.getMessage('Minimum 8 characters'),'regex':'^.{8,}$'};' 
//AND PUSH THEM IN THE RULES ARRAY FOR ADDING NEW RULES.  
(function executePasswordRuleScript() { 
var rules = new Array(); 
var rule1 = {'hint': gs.getMessage('Minimum 9 characters'),'regex':'^.{9,}$'}; 
var rule2 = {'hint': gs.getMessage('Minimum 1 lowercase character'),'regex':'((.*?[a-z]).*?)'};
var rule3 = {'hint': gs.getMessage('Minimum 1 uppercase character'),'regex':'((.*?[A-Z]).*?)'}; 
var rule4 = {'hint': gs.getMessage('Minimum 1 number'),'regex':'((.*?[0-9]).*?)'};  
var rule5 = {'hint': gs.getMessage('Minimum 1 special character'),'regex': '((.*?[@$#!%^&*]).*?)'};
var rule6 = {'hint': gs.getMessage('Maximum 100 characters'),'regex':'^.{0,100}$'}; 
var rule7 = {'hint': gs.getMessage('Do not include "rest" or "super"'),'regex': '(?i)^((?!foo|bar).)*$'}; 
rules.push(rule1, rule2, rule3, rule4, rule5, rule6, rule7); 
return rules; 
})(); 

 

chetanb
Tera Guru

Hello @joelmcm 

 

Have a look -https://docs.servicenow.com/bundle/vancouver-platform-security/page/integrate/authentication/task/enable-password-policies.html

 

Note: The Password Policy plugin (com.glide.password_policy) is enabled by default. The policy goes into effect when a user changes or resets the password.

The Password Strength Preset field is automatically set to Default Strong. If you want to add new criteria, you can perform the following procedure.

 

 

Procedure

 

Navigate to All > Password Policy > Password Policies.

Click New.

Specify the Name for your password policy.

In the Password Policy Criteria section, select one of the following presets from the Password Strength Preset field.

5. To change the password policy navigate to All > Password Reset > Credentials Stores, select the credentials 

 

 

PFB for password change policy.

 

Please mark my answer correct and helpful if it solves your problem.

 

Regards,