Jump to content

Recommended Posts

Posted

Looking for some help from the hive mind please. 

 

We want our customers to set a memorable word for security purposes, we identified some fields that could be used for this purpose, however we are not able to get the customer to write to that field and then there is another question of how to set the permissions for people able to view the word. 

 

Is this something that anyone has experience of setting up in service manager and is it possible to share how you achieved this please? If this is not possible and it cannot be done, I'd rather not waste time in trying 😆

Thank you 

 

Posted

Each user account has a set of custom fields that you might be able to use and are possibly the ones that you have already identified. 


image.png  

Users can't manually add to these fields. However, you should be able to create some form of workflow to get these populated.  For example an Secret Word capture script.   A starting point might be to write out the steps that you envision a user taking to submit their secret word and identify who would have access to that word. 

Posted

I'll just reiterate James's comment: 

On 14/11/2024 at 21:22, James Ainsworth said:

A starting point might be to write out the steps that you envision a user taking to submit their secret word and identify who would have access to that word.

Once it's clear what you're trying to achieve and why then we can start looking at potential solutions.

Posted

Hi @Steve Giller

We would like to create an IC that asks the customer to set a memorable word, and this would then write to a field in the customer properties (you could then link the IC in a custom email template asking customers to set their memorable word).

Then if required, the service desk could view the customers memorable word and ask them for the x and x character for ID&V purposes - this would mean there isn't an additional tool/system used for this. 

So we need to identify a field that the service desk can view in the customer properties as well as allow an IC to write to it. 

Any thoughts?

 

Posted

The Custom Fields suggested by James are the only suitable ones.

Other fields are exposed publicly and could be exploited by someone trying to impersonate the User, which I would assume is what a memorable word is aiming to avoid.

Posted

and I guess no other way to lock down the fields that we could use (such as social media) so that only certain people/teams/group would be able to see?

Posted

Hi @katy_palmer

The social media fields are more for the user to manage and add information for their profile and there isn't a way to centrally control visibility of profile fields to selected users.

Using the User Profile Designer, you can hide fields from view, but this would be for everyone.  

image.png

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...