Home
IT Hub

Strategies on Handling Session Lockouts in ServiceNow

ServiceNow
Reco Security Experts
Updated
July 1, 2024
July 2, 2024

Handling Session Lockouts in ServiceNow: Strategies and Solutions

ServiceNow, a powerful cloud-based platform for IT Service Management, offers a variety of apps and tools that help reduce IT operations. However, like with any advanced system, users can experience session lockouts. A session lockout can be annoying, limiting productivity and access to essential information.

Understanding Session Lockouts

What is a Session Lockout in ServiceNow?

A session lockout happens when a user is unable to access their account because of too many failed login attempts or other security measures. This method is intended to prevent unintentional access, but it can occasionally inconvenience legitimate users.

Common Causes

  • Incorrect Credentials: Repeatedly entering incorrect username or password.
  • Inactive Session Timeouts: Sessions left idle for extended periods.
  • Concurrent Session Limits: Exceeding the maximum number of active sessions allowed.
  • System Errors: Technical glitches or bugs within the ServiceNow platform.

Solutions for Managing Session Lockouts

Unlocking User Accounts

Administrators can manually unlock user accounts through the ServiceNow interface. This process involves navigating to the user profile and resetting the account status.

Steps to Unlock a User Account:

1. Navigate to User Administration > Users in the ServiceNow dashboard.

The image above shows the Users section in the user administration options for ServiceNow.

2. Search for the locked-out user.

3. Open the user profile.

4. Click on the Locked Out checkbox.

The image above shows a user account in a locked-out status in ServiceNow.

Resetting Passwords

If a user forgets their password, administrators can reset it for them. Users can also utilize the self-service password reset feature if enabled.

Steps to Reset a User Password:

1. Navigate to User Administration > Users.

2. Find and select the user needing a password reset.

3. Click the Set Password button.

The above image shows the set password button and steps for changing the password on the user form.

4. Click on the Generate button, then copy the password, and click on the Save Password button.

The image above shows the steps of saving a new password for a user.

Increasing Concurrent Session Limits

Lockouts can be avoided for users who need more than one active session by increasing the concurrent session limit. However, use caution in order to prevent any security threats.

Steps to Increase Concurrent Session Limits:

1. Log in as an Administrator with "security_admin" and navigate to System Properties > UI Properties.

The above image shows the UI Properties of system properties in ServiceNow.

2. Search on the properties "Remove ‘Remember Me’ checkbox from the login page." And uncheck the checkbox.

The image above shows the steps to remove the “remember me” checkbox from the login page in ServiceNow.

3. Navigate to "sys_properties.list" using the navigation filter, and press enter.

The image shows the “sys_properties.list” in ServiceNow.

4. Search for the "glide.ui.session_timeout" property and change the value.

The image shows the “glide.ui.session_timeout” property in ServiceNow.

If "glide.ui.session_timeout" doesn’t exist, select the "New" button to add a new property using the following values:

  • Name: glide.ui.session_timeout
  • Description: Type a brief description. In this case, enter something like: “Override the default session timeout (30). This value is in minutes.”
  • Type: Select the appropriate data type. In this case, select Integer.
  • Value: Change the default value from 30 minutes to a value of your choice.

Specify Lockout for Failed Login Attempts

The system provides inactive script actions that enable you to specify the number of failed login attempts before a user account is locked and to reset the count after a successful login.

Steps to Change the Login Attempts:

1. Navigate to System Policy > Events > Script Actions to view or activate the scripts.

Script Actions Description
SNC User Lockout Check with Auto Unlock • Uses the value of the glide.user.max_unlock_attempts property to set the limit for failed login attempts.
• Unlocks the user account after the time period that is specified for
the glide.user.unlock_timeout_in_mins property. If no value is specified, then the system unlocks the user account after the default period of 15 minutes.
SNC User Lockout Check Tracks the number of failed login attempts and locks the user account after a specified number of failed login attempts (default: 5).
SNC User Clear Updates the user record after a successful login: Resets the number of failed login attempts and updates the date of the last login.

Steps to View Login Failed Logs:

Each time a user attempts to log in, the action is recorded in an event log. You can view a log of failed login attempts.

  1. Navigate to System Policy > Events > Event Log.
  2. Filter for login.failed in the Name field. You can view the attempted login name, date, and IP address logged for the attempt.

Strategies to Prevent Session Lockouts

Strong Password Policies

The risk of session lockouts can be significantly reduced by setting strong password regulations. Ensure that your passwords are frequently changed and meet the required level of complexity.

Educating Users

Lockouts can be reduced by educating users on correct login methods and the importance of signing out at the end of each session. Make sure that they understand exactly what to do in case they forget their credentials.

Session Timeout Settings

Security and efficiency can be balanced by modifying the session timeout settings. To prevent users from being locked out due to inactivity, for example, a reasonable timeout period can be established while keeping security.

Multi-Factor Authentication (MFA)

By providing an additional layer of security, MFA implementation reduces the possibility of lockouts based on illegal access attempts. By requesting users to submit further verification, like an authentication code sent to their mobile device, MFA makes it more difficult for hackers to obtain access.

Conclusion

Session lockouts in ServiceNow can cause interruptions in workflow and access to critical services. Organizations may reduce the frequency of lockouts by identifying their common causes and implementing preventative initiatives. Also, having clear options to manage lockouts means that users can quickly recover access and continue working. Administrators who follow the recommended practices suggested in this article can improve security while offering an efficient user experience in ServiceNow.

Explore More
See more articles from our Hub