Idea ID: 2875491

Allow SSPR forgotten password tokens to be claimed multiple times.

Status: Under Consideration

We have fixed a similar case in SSPR user activation module. We will plan to extend the same to the forgotten password module as well.

See status update history

Several of my users are unable to claim thier tokens via the forgotten password flow due to the mail containing the token claim link being 'pre clicked' by the mail server as a part of its security measures. This means that by the time the user recievies the email containing the link the token is already claimed and the password reset flow fails.

Allow me to set it so tokens can be claimed twice so the user can still trigger the forgotten password process even if their mail server has pre clicked the link.

Tags: