ServiceNow enables a page named `side_door.do` by default to allow users bypassing the Single Sign On (SSO) feature in case of issues to still access their ServiceNow instance.
Solution
Ensure that the recommendations applied by ServiceNow are properly enforced to avoid authentication trough this side door page with weak credentials.