diff --git a/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh b/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh
index 576efc4..4fbc2be 100755
--- a/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh
+++ b/cbox-tree.d/usr/lib/cryptobox/cbox-manage.sh
@@ -308,6 +308,15 @@ function umount_crypto()
 	set -e
 }
 
+
+function box_purge()
+# removing just the first bytes from the harddisk should be enough
+{
+	local device=$(find_harddisk)
+	log_msg "Purging $device ..."
+	dd if=/dev/zero of=$device bs=1M count=1
+}
+
 		
 function init_cryptobox_part1()
 # this is only the first part of initialisation that takes no time - good for a smooth web interface
@@ -318,7 +327,7 @@ function init_cryptobox_part1()
 		log_msg "Initializing crypto partition on $device ..."
 		umount_crypto || true
 		mount | grep -q " $CONFIG_DIR " && umount "$CONFIG_DIR" || true
-		initial_checks "$device" || { log_msg "initial checks failed" && return 1}
+		initial_checks "$device" || { log_msg "initial checks failed" && return 1 ;}
 		create_partitions "$device"
 		create_config "$device"
 	) >>"$LOG_FILE" 2>&1
@@ -431,6 +440,9 @@ case "$ACTION" in
 		  else	echo -n "'$0' box-init-bg" | at now
 		 fi
 		;;
+	box-purge )
+		box_purge
+		;;
 	is_crypto_mounted )
 		is_crypto_mounted
 		;;
diff --git a/cbox-tree.d/var/www/cgi-bin/cryptobox.pl b/cbox-tree.d/var/www/cgi-bin/cryptobox.pl
index cafdcb1..c84662a 100755
--- a/cbox-tree.d/var/www/cgi-bin/cryptobox.pl
+++ b/cbox-tree.d/var/www/cgi-bin/cryptobox.pl
@@ -234,6 +234,10 @@ sub box_init
 	system("$CB_SCRIPT", "box-init-bg");
 }
 
+sub box_purge
+{
+	system("$CB_SCRIPT", "box-purge");
+}
 
 sub system_poweroff
 {
@@ -558,6 +562,21 @@ if ( ! &check_ssl()) {
 			$pagedata->setValue('Data.Redirect.Action', 'status');
 			$pagedata->setValue('Data.Redirect.Delay', "60");
 		}
+	################### box_purge #######################
+	# TODO test this code
+	# if we find an existing config partition, then read the adminpw
+	# and ask the user (validationscript or webfrontend) for it
+	} elsif ($action eq 'box_purge') {
+		if ( &check_config()) {
+			# TODO old config found, read the admin passwd
+			my $current_admin_pw = &get_admin_pw;
+			if ($current_admin_pw ne $query->param('current_admin_password')) {
+				$pagedata->setValue('Data.Warning', 'WrongAdminPassword');
+				$pagedata->setValue('Data.Action', 'config_form');
+			} else {
+			&box_purge;
+		}
+	}
 	################### unknown #########################
 	} else {
 		$pagedata->setValue('Data.Error', 'UnknownAction');