Password Reset global properties
You can configure the Password Reset global properties.
| Property Label | Property Name | Description |
|---|---|---|
| Password Reset Global Properties | ||
| Email template for enrollment reminder emails | password_reset.enroll _reminder.email_template | The instance can send email reminders to users who are not yet enrolled in the Password Reset process. Template to use for the email messages that remind users to enroll for the password reset process. See Send email to remind users to enroll for Password Reset. |
| Workflow polling frequency | password_reset.wf.refresh_rate | Time period in milliseconds between checks on status of the Password Reset workflow.
|
| Workflow expiration | password_reset.wf.timeout | Maximum wait time in milliseconds for the workflow to complete. The workflow is
triggered during the password reset request when the user clicks
Submit.
|
| Disable CAPTCHA validation functionality | password_reset.captcha.ignore | Enables or disables CAPTCHA functionality.
The Password Reset application uses Google re-CAPTCHA as the default CAPTCHA service. To use the base system CAPTCHA, change the password_reset.captcha.google.enabled system property to false. |
| Password Reset Request Properties | ||
| Number of unsuccessful attempts allowed to resetting/changing password | password_reset.request.max_attempt | Number of password reset attempts a user is allowed before they are locked out
for a period determined by the value in max_attempt_window.
|
| Number of minutes a user needs to wait for resetting/changing password after exceeding the maximum allowed unsuccessful attempts | password_reset.request.max_attempt_window | Time period that users are blocked or prevented from changing their passwords
after trying the maximum number of times.
|
| Number of minutes a user needs to wait to reset/change password after the last successful reset/change | password_reset.request.success_window | Time period that a user must wait after successfully resetting the password to
reset the password again.
|
| Number of minutes a user needs to wait to start a reset request after the last successful unlock account. | password_reset.request.unlock_window | Time period that a user must wait after a successful unlock operation before
starting a new request.
|
| Number of minutes before a password reset request expires | password_reset.request.expiry | Time period during which a user must perform the Password Reset process.
|
| Number of hours before the password reset one time token validity expires | glide.pwd_reset.onetime.token.validity | Time period during which a user must perform the Password Reset process using the email link.
Note: The setting for the glide.pwd_reset.onetime.token.validity property takes precedence over the setting for password_reset.request.expiry when the Email Password Reset
URL check box on the process record is selected. |
| Maximum number of times that a user can receive "Reset Password" link via email, in a span of 24 hours. The upper limit is 5. | password_reset.request.max_email | Maximum number of times a user can receive emails containing a link for resetting a password in a duration of 24 hours. For example, when you set the maximum number to 3, users would receive 3 emails in the duration of 24 hours. The maximum number you can set is 5. |
| Password Reset Security Question Properties | ||
| Number of security questions required during the password reset request | password_reset.qa.num_reset | Number of security questions that are displayed on the Verify page while a user is
attempting to reset the password. The user must answer all questions correctly to
verify identity. The questions
are selected at random and are presented in random order.
Note: You can override this property setting for a Password Reset process by configuring the
num_reset parameter. See Specify the number of required
security questions. |
| Number of security questions required during enrollment | password_reset.qa.num_enroll | Number of questions that a user must provide answers to while enrolling for the Password Reset process.
Note:
|
| Minimum length requirement for security answers | password_reset.qa.ans_min_len | Minimum number of alphanumeric characters that the user must enter in the answer text box for any security question. Default value: 3 characters |
| Password Reset SMS Code Properties | ||
| Maximum number of SMS codes sent for verification per day | password_reset.sms.max_per_day | Maximum number of SMS codes that are sent to a user within one 24-hour period. The
24-hour period begins when a user clicks Send Code.
Note: You can override this SMS code property by adding the
max_per_day parameter in the SMS code verification. |
| Number of minutes before the user can attempt to send another SMS code for verification | password_reset.sms.pause_window | Time that must pass before another SMS code can be sent to a user.
Note: You can override this SMS code property by adding the
pause_window parameter in the SMS code verification. |
| Number of digits in the SMS code sent to the user | password_reset.sms.default_complexity | Number of characters required for a user to reset their password.
You can override this SMS code property by adding the complexity parameter in the SMS code verification. |
| Number of minutes before the SMS code expires | password_reset.sms.expiry | Time, in minutes, until the SMS code sent to the user expires.
Note: You can override this SMS code property by the
expiry parameter in the SMS code verification. |
| Use Notify for SMS code notification for enrollment and verification | password_reset.sms.use_notify | Support for SMS channel used for notifying users for password reset enrollment and verification. If selected, the users would receive notifications through Notify.
Note: To use Notify, you must activate the Notify plugin (com.snc.notify). |
| Password Reset Soft PIN Properties | ||
| Enable Soft PIN expiration | password_reset.softpin.expiration_enabled | Enables or turns off Soft PIN expiration for users.
Use this property when you want to let users know that their Soft PIN is expiring. You can enable sending reminders for Soft PIN expiration. If the users are resetting Soft PIN using the Virtual Agent,they view the corresponding messages with the number of days when the Soft PIN is going to expire. |
| The number of days after which the Soft PIN expires | password_reset.softpin.expiration_day | Number of days after which the Soft PIN expires. For example, if you set the number to 90, the Soft PIN will expire after 90 days are completed. The minimum limit is 30 days. Default value: 90 |
| Enable Soft PIN expiration reminder | password_reset.softpin.expiration_reminder_enabled | Enables or turns off the Soft PIN expiration reminders. If selected, the users will not get any email notifications stating that their Soft PIN is expiring.
|
| The time at which the Soft PIN expiration reminder is sent. Format: HH:MM | password_reset.softpin.expiration_reminder_time | The time at which you want the users to receive the reminders. You must enter the value in the HH:MM format. Default value is 00:00 at system time zone. |
| The number of days that specify when to send a reminder before the Soft PIN expires | password_reset.softpin.expiration_reminder_warn_days | Number of days that specify when to send a reminder before the Soft PIN expires. For example, if you set the value to 5, users would get the reminder 5 days before their Soft PIN expires. Default value: 10 |
| The number that sets a history limit on reusing previously used Soft PINs for the enrollment. Use any value from 1 to 30 | password_reset.softpin.history_limit | Number of previous Soft PINs which can’t be reused for the enrollment. For example,if you set the number to 3, the users won't be able to use the same Soft PIN that's used in the previous 3 Soft PINs. You must use the number between 1 and 30. Default value: 5 |
| Password Reset Monitoring and Reporting Properties | ||
| Time interval, in minutes, for counting blocked users | password_reset.activity_monitor.incident_window | Time window to count the number of blocked users.
|
| Number of blocked users, in the defined time interval, that triggers a system log event | password_reset.activity_monitor.incident_threshold | Number of blocked (or locked) users, within the specified time window, that
triggers a system log event.
|
| Password Reset Style Sheet | ||
| Style sheet to apply to end-user pages during the password reset process. | password_reset.stylesheet | Name of a custom CSS style sheet in the Style Sheet [content_css] table. You can
use the default style sheet as a template for the custom style sheet. You cannot add
element definitions to the style sheet.
|
Note:
Several components in the Self Service Password Reset (
com.snc.password_reset) plugin and the Password Reset (com.glideapp.password_reset) plugin control the password reset flow. The
following properties affect Password Reset, but do not appear on the page:You can add the
glide.pwd_reset.onetime.token.validity property to the System Properties [sys_properties] table to specify the number of hours that the Password Reset token should be valid. Default: 12.Note:
The setting for the
glide.pwd_reset.onetime.token.validity property takes precedence over the setting for
password_reset.request.expiry when the Email Password Reset URL checkbox on the process record is selected.Properties accessible from the System Properties [sys_properties] table:
- For Password Reset on mobile devices, you can specify the URL that the user is taken to when user taps the Forgot password? button. See the
glide.security.password_reset.uriproperty in High Security Settings . Default: /$pwd_reset.do?sysparm_url=ss_default - If
glide.security.forgot_password.display.linkis set to true, displays the Forgot Password? link on the login page.