Password Reset
Summary of Password Reset
The Password Reset application in the ServiceNow Yokohama release provides a secure and user-friendly way for end users to reset or change their passwords. It supports both self-service and service desk-assisted processes, enforcing strong password policies and user authentication to enhance security.
Key Features
- Manage Enrollment: Automatically or manually enroll end users into password reset programs.
- Verification Types: Authenticate users through various methods such as personal questions, email verification, SMS codes, or Google Authenticator.
- Integrated Plugins: Enables password resets directly from Windows applications and Microsoft Azure Active Directory.
- Enrollment Options: Allows users to enroll conveniently in different password reset programs.
- Modern UI: Features a new homepage dashboard with an improved look and feel for easier navigation.
How Password Reset Works
Self-Service Process
- Users initiate password reset by clicking “Forgot Password” on the login page through any supported browser or mobile device.
- They enter identifying information such as username or email and complete CAPTCHA verification (with audio option available).
- Users verify identity by answering security questions or entering a code sent via SMS, email, or authenticator app.
- An email with a reset link is sent, valid for a configurable time period, guiding users to set a new password.
- The system verifies the identity and updates the password accordingly.
Service Desk-Assisted Process
- End users can request password reset help from a Service Desk agent by phone or in person.
- Agents with the Password Reset admin role use a dedicated form to select the user and applicable reset process.
- Agents manage password reset requests within the user’s domain, providing controlled and secure assistance.
Next Steps for Customers
- Administrators: Begin by configuring the Password Reset application to suit your organizational policies and user groups.
- End Users: Enroll in the Password Reset program to enable self-service password management.
The Password Reset application enforces strong and secure passwords by enabling end users to reset or change their passwords either by using the self-service process or by requesting the assistance of a service desk agent.
Password Reset application features
- Manage enrollment: Automatically enrolls end users or allows manual enrollment.
- Verification types: Validates user authenticity with the help of various verifications.
- Integrated plugins: Resets passwords directly from the Windows application and Microsoft Azure Active Directory (AD).
- Enrollment types: Enables end users to enroll in different password reset programs at their convenience.
- Homepages with a dashboard view: Password Reset has a new, modernized look and feel. For more information, see Next Experience UI.
Password Reset processes
Users with the password_reset_admin role configure how the process of resetting a password works for an end user.
- Self-service process: Users reset passwords over the internet using a browser on any supported interface, including mobile devices.
- Service Desk-assisted process: Users request the assistance of a service desk agent, over the phone or in person. In this process, users don't reset passwords.
For more information, see Configuring Password Reset and Plan your Password Reset processes.
Self-service and Service Desk-assisted processes
- Self-service process: End users reset passwords using a browser on any supported interface, including mobile devices. They can provide the identifying information and answer questions or submit a securely delivered code number. The following example shows the default self-service process Password Reset flow:
  - If a user doesn't remember their password, the user clicks Forgot Password on the Login page.
  - The Password Reset application starts. On the Identify page, the user enters their identifying information (generally the user name or email address). The example includes the default CAPTCHA security feature. The user provides identification by entering a user name and CAPTCHA, and clicks Next.
    Note: Users can hear the characters displayed in the CAPTCHA by clicking the Speak the CAPTCHA icon displayed in the pop-up window for the Identify step.
  - On the Verify tab, the user provides personal data associated with their user name. For example, the user can either enter the email address associated with the user profile or answer the security question that an administrator has configured. This information is specified while enrolling in the Password Reset process. The administrator can configure a different verification method, for example, a personal question that only the user can answer.
    Note: Other possible verifications require the user to enter a code number that was sent to a mobile device by SMS text, through the Google Authenticator app, or by email.
  - The Reset page tells the user to check email for instructions.
  - The user opens the email and clicks the link in the email to reset the password. The link is valid for a period of time that an administrator specifies by using the password_reset.request.expiry property.
  - The Reset Password page guides the user to reset the password.
  - The system checks the credential store to verify the identity and then displays the new password on the Reset page.
- Service Desk-assisted process: An end user requests the assistance of a Service Desk agent, over the phone or in person. The agent processes the request. Each Service Desk agent has the Password Reset admin Service Desk role. The Reset request form that the agent uses contains a Select user field and a Select process field. On the form, the agent can view all processes in the end user’s domain.
Next steps
- If you're an administrator, start configuring Password Reset for your users.
- If you're an end user who wants to reset a password, start enrolling to reset your password.