On July 12th, we rolled out a strengthened security architecture. We launched our new login experience and a completely new and improved authentication architecture. This new architecture, with the well renowned user identity system Auth0 at its core, allows us to implement better security policies, faster, and without compromising the security of our users and our architecture.
New password requirements
These changes also include stronger password requirements than before. Passwords now need to have a minimum length of 8 characters, and contain both lowercase and uppercase letters as well as at least one digit.
If you are an existing user since before July 12th 2021, you will need to reset your password before being able to access the Control Panel. This can easily be done when logging in for the first time by clicking the “Forgot password” link at the login screen.
Why new passwords? Did you have a security breach?
No. We take security very serious. In this case that means that all passwords are encrypted and we can never access them. Because of this restriction we couldn’t just migrate over the passwords from the old authentication architecture. After changing your password you can directly log in again.
Do I have to change my SSH/SFTP password as well?
No, the new login experience is for access to the control panel. Passwords for logging in to the Bolts via SSH and SFTP is not affected by this change.
Separate login domain
During the login your browser will send you to https://login.servebolt.com. This behavior is normal and is in place because of our new authentication architecture. You will be redirected back to the control panel after authentication is completed.