Blog

Gavin Pickin

December 19, 2017

Spread the word


Share your thoughts

At Ortus Solutions, we love the holidays, and we wanted to gift you a gift of developer productivity, we will share a few tips and tricks that will keep giving all year around. In this series we'll be giving you 12 ContentBox tips. Keep your eye out for other 12 tips of Christmas series on our blog, including a new one this year, 12 modules of Christmas on ForgeBox.

Day 6 - New User Invite Workflow. We have introduced a new approach to creating authors in ContentBox. You will now be presented with the new author wizard which will allow you to pre-fill author details in a secure manner.

Most security policies do not allow an administrator to set a password for a user, but should make a function to reset a password available. In this new workflow, the user is created, but the administrator doesn't create a password. A notification will be sent to the new author's email address with a password setup token so they can secure their account. This way the administrator never knows the user's password.

A randomly generated password will be created and a reset link will be generated and sent to the user. User will be forced to set the password on first sign in.

Changing Passwords

Changing passwords previously ( this is changing in 3.8.0 ) allowed an administrator to set a user's new password, which conflicted with this policy for many clients. We have updated the User Admin to no longer allow you to set a users password, but to set a user for a password reset. This flags the user so next time they login, they will be asked to change their password, as well as sending the user an email, with a token to reset their password. 

Security is important to us at Ortus, and password resets are helping to make ContentBox more secure.

 

 

Add Your Comment

Recent Entries

Must-See Into the Box 2025 Sessions for CommandBox Users!

Must-See Into the Box 2025 Sessions for CommandBox Users!

Power Up your CommandBox experience and practices at Into the Box 2025

Want to get hands-on with the new CommandBox features or learn how others are pushing it to the next level? These are the must-see sessions at ITB 2025 if you're a CommandBox user:

Maria Jose Herrera
Maria Jose Herrera
April 21, 2025
Must-See ITB 2025 Sessions for TestBox Users!

Must-See ITB 2025 Sessions for TestBox Users!

Are you a fan of TestBox or looking to level up your testing game in 2025? Whether you're just getting started with unit testing or you're already building advanced specs for ColdBox and BoxLang apps, Into the Box 2025 has an exciting lineup tailored just for you. Into the Box 2025 has an exciting lineup tailored just for you. With the recent launch of TestBox 6.3.0 we have amazing new tools, features and tips and tricks to get your testing experience to the next level, review our sessions and test like a pro efficiently and easy!

From hands-on testing strategies to BoxLang innovations, here are the sessions you won’t want to miss this May — and why they matter to you as a TestBox user.

Maria Jose Herrera
Maria Jose Herrera
April 17, 2025
The Into the Box 2025 Agenda is LIVE and Done!

The Into the Box 2025 Agenda is LIVE and Done!

The wait is over! The official Into the Box 2025 agenda is now live — and it's packed with high-impact sessions designed for modern CFML and BoxLang developers. Whether you’re building APIs, modernizing legacy apps, diving into serverless, or exploring AI integrations, this is the conference you’ve been waiting for.

Here’s a look at what you can expect — categorized by key topics to help you plan your learning journey, there’s something for everyone covering modern CFML tools and BoxLang:

Maria Jose Herrera
Maria Jose Herrera
April 15, 2025