Limit Allowed Number of Failed Login Attempts Before Lockout

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Two script actions are available that enable a site administrator to manage the number of times a user can provide an incorrect password before being locked out from the ServiceNow AI Platform. You can enable either of these script actions to manage failed login attempts.

    The SNC User Lockout Check or SNC User Lockout Check with Auto Unlock script actions enable the administrator to manage the number of failed login attempts for a user. Two script actions are available that enable a site administrator to manage the number of times a user can provide correct password before getting locked out from the Now Platform.

    Additionally, the glide.user.max_unlock_attempts system property controls the number of allowed failed login attempts. If the value of glide.user.max_unlock_attempts is increased above the recommended value of 5, it increases the number of login attempts an attacker could make against a given user.

    Ensure at least one of the script actions: SNC User Lockout Check or SNC User Lockout Check with Auto Unlock is enabled to manage failed login attempts. These script actions are stored in the Script Actions [sysevent_script_action] table.

    Additionally, ensure the property glide.user.max_unlock_attempts is set to 5 or less.

    More information

    Attribute Description
    Configuration name
    • SNC User Lockout Check (Script action)
    • SNC User Lockout Check with Auto Unlock (Script action)
    • glide.user.max_unlock_attempts(System property)
    Configuration type
    • Script Action (/sysevent_script_action.do)
    • System Properties (/sys_properties_list.do)
    Data type Integer (for system property)
    Recommended value
    • The Script Actions [sysevent_script_action] table has the record with sys_id 5e44f9bf0a0a0a0a019a6440b2137767 and/or the record with sys_id d92636b2975301008e00958e3b297567 set to active
    • glide.user.max_unlock_attempts system property is set to an integer less than or equal to 5.
    Default value <none>
    Fallback value 5 (for system property)
    Category Authentication
    Security risk
    • Severity score: 7.3
    • CVSS rating: High
    • Security risk details: Allowing more attempts gives attackers additional opportunities to guess passwords, increasing the likelihood of unauthorized access and credential compromise. Proper lockout configuration is critical to maintaining strong authentication security.
    Functional impact None
    Dependencies and prerequisites None