Skip to page contentSkip to chat
ServiceNow support
    • Community
      Ask questions, give advice, and connect with fellow ServiceNow professionals.
      Developer
      Build, test, and deploy applications
      Documentation
      Find detailed information about ServiceNow products, apps, features, and releases.
      Impact
      Accelerate ROI and amplify your expertise.
      Learning
      Build skills with instructor-led and online training.
      Partner
      Grow your business with promotions, news, and marketing tools
      ServiceNow
      Learn about ServiceNow products & solutions.
      Store
      Download certified apps and integrations that complement ServiceNow.
      Support
      Manage your instances, access self-help, and get technical support.
Edge Proxy not allow user to attach a document, Image (attachment) to the article body in knowledge record -
  • >
  • Knowledge Base
  • >
  • Support and Troubleshooting (Knowledge Base)
  • >
  • Users not able to login in cloned target instance using Multi Factor Authentication (MFA)
KB0860689

Users not able to login in cloned target instance using Multi Factor Authentication (MFA)


7436 Views Last updated : Jul 24, 2024 public Copy Permalink English (Original)
  • English (Original)
  • Japanese
KB Summary by Now Assist

Issue

After performing an instance clone, users may not be able to login in the target instance, due to invalid MFA configuration values. The misleading error ‘Username or password not valid’ may appear.

Cause

When the clone is complete, the table 'user multifactor auth' from the source Instance is copied over to the target Instance. After the clone, the target could have incorrect source values and Multi Factor secret values. This must be preventing users from using MFA to log in.

Resolution

There are two ways to prevent the issue before cloning.

Method #1 (recommended)
Before performing the clone, manually add the table 'user_multifactor_auth' to the Clone Preservers / Exclude table + the Preserve Data table in the source instance:

  1. Login in the source instance
  2. Go to the "clone_data_exclude" table (in the filter navigator type in clone_data_exclude.list), click "New"
  3. Add "user_multifactor_auth" and save
  4. Go to the "clone_data_exclude" table:
    1. Ensure 'Include in System Clone' column is set to true
    2. Ensure 'Default' column is set to true
  5. Go to the clone_data_preserver table (in the filter navigator type in clone_data_preserver.list), click "New"
  6. Add "user_multifactor_auth" and save
  7. Go to the clone_data_preserver table
  8. Ensure 'Include in System Clone' column is set to true
  9. Ensure 'Default' column is set to true 

Note: If role-based MFA is enabled, repeat steps 1-9 to also add the following tables to exclusions and preservers:

- multi_factor_criteria

- multi_factor_role

 

If using method 1, MFA should work as it did prior to the clone.


Method #2
Export the records from the table(s) as XML before cloning, and then import the XML into the target instance after the clone. Remember this import XML activity is only possible if the local admin user can login to the target instance after the clone.

 

Resetting MFA after cloning

If issues persist, you can use the procedure in this video to reset the MFA.

 

Related Links

Multifactor authentication (MFA)


The world works with ServiceNow.

Sign in for more! There's more content available only to authenticated users Sign in for more!
Did this KB article help you?
Did this KB article help you?

How would you rate your Now Support digital experience?

*

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

Very unsatisfied

Unsatisfied

Neutral

Satisfied

Very satisfied

What can we improve? Please select all that apply.

What are we doing well? Please select all that apply.

Tell us more

*

Do you expect a response from this feedback?

  • Terms and conditions
  • Privacy statement
  • GDPR
  • Cookie policy
  • © 2025 ServiceNow. All rights reserved.