Categories:

12 Days of Christmas - ITB 2022 Video Release (12) 12 Modules of (ForgeBox) Christmas (12) 12 Tips of (CommandBox) Christmas (24) 12 Tips of (ContentBox) Christmas (24) Adobe (5) Books (4) BoxLang (34) BoxLife (0) CacheBox (75) CFBuilder (23) CFCasts (19) CFConfig (7) CFCouchbase (10) Cloud (16) ColdBox Connection (31) ColdBox MVC (0) ColdBox MVC (0) ColdBox MVC (0) ColdBox MVC (0) ColdBox MVC (997) ColdFusion (152) CommandBox (203) Community (338) Conferences (129) ContentBox CMS (167) Couchbase (19) Customers (5) DataBoss (16) DocBox (0) Docker (18) Eclipse (11) Elixir (6) Events (105) ForgeBox (69) FuseGuard (3) FusionReactor (4) Hosting (5) IDE (4) Interceptors (13) Into The Box (67) Ionic (2) Jobs (3) Legacy (7) Live Streams (7) LogBox (58) Lucee (25) Lucee Extensions (23) Modules (95) News (742) OpenSource (39) ORM (13) Ortus Developer Week (13) Ortus PDF (0) Ortus University (2) Patches (2) Patreons (7) Plugins (28) Podcasts (26) Presentations (70) ProfileBox (6) qb (1) Quick (5) Redis (9) Relax (8) Releases (495) REST (22) RoadShow (31) Sample Apps (15) Security (9) Software Craftmanship (5) TestBox (88) Testimonials (0) Training (191) Tutorials (370) Upcoming Events (8) Vue.js (4) Widgets (4) WireBox (71)

Archives:

The 12 Tips of (ContentBox) Christmas 2017 - Day 3 - Password enhancements

12 Tips of (ContentBox) Christmas, ContentBox CMS

Gavin Pickin December 16, 2017

Spread the word

Gavin Pickin

December 16, 2017

Spread the word

Share your thoughts

At Ortus Solutions, we love the holidays, and we wanted to gift you a gift of developer productivity, we will share a few tips and tricks that will keep giving all year around. In this series we'll be giving you 12 ContentBox tips. Keep your eye out for other 12 tips of Christmas series on our blog, including a new one this year, 12 modules of Christmas on ForgeBox.

Day 3 - Password enhancements. Security is a big deal for Ortus Solutions, and ContentBox is no different. Working with lots of customers, big and small, we run into a lot of security requirements, and we use those experiences to make ContentBox better, and passwords has had some major changes recently.

Password Enhancements

There have been many updates on both the UI and the security of user passwords.

Password Meter

We have introduced the concept of a visual password meter, which can guide users when changing, resetting or setting passwords:

Password Length Options

You can now also as an admin decide on the minimum length of user passwords.

Password Reset Options

As an administrator, you can now reset user passwords a-la-carte or for every single user in the system. This will issue a notification to the user with instructions on resetting their system password. User password reset workflow has now been improved with our new password reset screens instead of bulky double email validation mechanisms.

New Interception Events

Here are the new interception events you can listen on for password reset workflows:

cbadmin_onGlobalPasswordReset
cbadmin_onPasswordReset
cbadmin_onInvalidPasswordReset

A perfect example of extending these interception points, is using Security Questions to reset your password, instead of sending a password reset email. We built this for a customer, allowing their ContentBox app to have multiple ways for a user to reset their password if they had forgotten it.

Add Your Comment

Into the Box 2025 Virtual Tickets Are Now LIVE!

The wait is over! By popular demand, Into the Box 2025 virtual tickets are officially available! Secure your spot today and take advantage of our exclusive early bird pricing before it’s gone!

We’re bringing the community together to push the boundaries of modern development—because change starts with us. We’ve taken the first step, now it’s your turn to evolve and take action!

Maria Jose Herrera

April 03, 2025

Security Red Flags in Your ColdFusion App (and how to fix them!)

Security breaches can lead to data leaks, legal issues, and irreversible damage to your company's reputation. Many ColdFusion applications—especially older ones—are vulnerable to cyber threats due to outdated code, weak authentication, and improper security configurations.

When was the last time you audited your ColdFusion application for security risks? If you’re unsure, it’s time for a professional security review.

Top ColdFusion Security Risks – Are You Expose...

Cristobal Escobar

Cristobal Escobar
April 03, 2025

BoxLang 1.0.0 RC3 Has Landed!

We are thrilled to announce the release of BoxLang 1.0.0-RC.3, marking a significant milestone in the development of our dynamic JVM language. This release brings a major performance boost and over 100 bug fixes and improvements, making it our most robust release to date. We are now entering the final stretch towards our full release on May 1st, and we need your help to ensure everything is in perfect shape. Please test your applications and report any issues.

Luis Majano

Luis Majano
April 03, 2025

Blog