I’m a ColdFusion freelance developer and as can often happen, I end up using a spare machine sitting in the corner of a room. Being relegated to the “dunce’s corner” is bad enough, but commonly the ColdFusion password has also been forgotten. This happened to me just the other day. So, how do we go about resetting the password?

Back in the ColdFusion 5 days you could edit the registry value:

HKEY_LOCAL_MACHINE\software\allaire\coldfusion\currentversion\server

set UseAdminPassword to 0 and restart the ColdFusion service, not forgetting to set a new password afterwards, especially if you’re on a production server.

Now with ColdFusion MX and MX7, you can’t but the process is not too tricky either. In fact there are two methods available to you.

First method:

You need to locate the password.properties file in the C:\CFusionMX7\lib\ directory. Opening the file, you will be presented with something much like this:

#Tue Apr 24 10:41:59 BST 2007
rdspassword=09GTH9 8O&>36& \\Q>[K\=XP \n
password=5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8
encrypted=true

Change the password to an alpha-numeric string of your choice and encrypted to false, much like this:

#Tue Apr 24 10:41:59 BST 2007
rdspassword=09GTH9 8O&>36& \\Q>[K\=XP \n
password=L3tM31n
encrypted=false

save the file and restart the ColdFusion service, you will be able to get into the ColdFusion Administrator with your chosen password.

Second method:

Locate the neo-security.xml file in the C:\CFusionMX7\lib\ directory. Opening the file you will be presented with a WDDX packet containing ColdFusion server configuration settings. The lines you will need to edit are the following:

<var name=’admin.security.enabled’>
<boolean value=’true’/>
</var>

Change the boolean value to false, like this:

<var name=’admin.security.enabled’>
<boolean value=’false’/>
</var>

save and restart the ColdFusion service. You can now log into the ColdFusion Adminsitrator without a password.

NB It is always recommended that a password be used for production systems.