In ServiceNow's London release, there was not much scope for securing instances, which in turn may have led to lost data. To avoid this, the ServiceNow Madrid release comes with multi-factor authentication. Here we discuss how ServiceNow multi-factor authentication system works and ensure secured access to instances.
The two-factor or multi-factor authentication in Madrid version release overcomes the data loss issue by adopting double verification features by a Google authentication mechanism through a mobile app.
Multi-Factor authentication gives users ability to authenticate ServiceNow instances with two-step verification. Here, the user experiences a two-step verification while logging in into instance. This provides strong security to the instance. The two steps authentication includes:
- The first level of authentication provides basic database authentication with username & password.
- The second level of authentication requires the user to enter a token/passcode in addition to the password.
Note: This type of authentication in an instance is only supported through Google Authentication.
For a specific task, sharing credentials with teammates may be required. If we forget to reset our credentials after the task is complete, previously your instance would be vulnerable to others who might manipulate the instance or data. But, through Multi-factor authentication by ServiceNow Madrid, access to the instances is double checked with a google verification code every time one tries to login.
Authentication methods that are supported in Instance are:
- Local Database Authentication (i.e., ServiceNow database).
- SSO login with LDAP integration.
Authentication methods that are not supported in Instance are:
- SSO SAML
- SSO Digest
In Madrid, “Integration-Multifactor Authentication” is activated by default. In previous versions, users had to activate this plugin. Without activating the plugin, you will not be able to enable/disable multi-factor authentication in your instance.
Roles: Required roles admin
By configuring this authenticating step, one can protect instance more securely. Below are the steps to setup Multi-Factor Authentication in ServiceNow Instance.
Process to Enable Multi-Factor Authentication in your Instance
1. Go to “Multi-Factor Authentication” module in instance, then click on Properties and select the check box to “Enable Multi-Factor authentication” and save. See below screen for reference.
2. Then go to user profile, click on Multi-factor authentication link. The instance will show the QR code. This QR code is useful for getting the information related to the pass code for your instance.
3. Before scanning the QR code shown in the instance, download the “Google Authenticator App” from the play store in your mobile device. By default the pass code changes every 10 seconds, where the user is prompted to enter the passcode. Users can reset the passcode generation time period as per their requirement.
Mobile app pictured below.
4. Scan the QR code shown in instance to get the instance details in the mobile app and click Add Account. Enter the pass code of your instance shown in mobile and click “Pair Device”.
After pairing the instance allows users to access the instance in the mobile app and use the 6-digit pass code while logging on to your instance every time.
5. Multi-factor Authentication is successfully configured in your instance. Now your instance can perform two-factor authentication while logging into your instance.
6. Next time when the user tries to log in, the instance will log in based on multi-factor authentication. It verifies the username, password and pass code combination.
As the authentication mechanism is very dynamic, users can enjoy an added layer of security and protect their instances.
- ServiceNow Madrid: New Features to Explore
- ServiceNow Madrid's Coaching Feature Improves Enterprise Self-Service Abilities
- How Antivirus Scanning Feature in ServiceNow Madrid Ensures Better Security
- Implementing the Mobile App Feature of ServiceNow Madrid with Mobile Studio