Jenzabar SONIS 2024 Password & PIN Reset Security Updates

The password and PIN reset procedure has been updated for added security. Previously, when a user requested a new PIN or password, they were asked to enter their email address and their PIN or password would be automatically reset if the email entered was valid. Now, when a user requests a new PIN or password, they must complete a CAPTCHA along with correctly entering their email address, preventing bots and other malicious software from sending multiple reset requests.

Additionally, rather than resetting the password or PIN immediately, the system now sends the user an email with a link to the password/PIN reset page. This link expires 24 hours after the email is delivered. Finally, the PIN/password reset URL can no longer be called directly without accessing the Jenzabar SONIS homepage, providing another level of security against malicious software.