Password Reset error=invalidkey

Here are different ways to reset the password.
https://codex.www.ads-software.com/Resetting_Your_Password

Hi kmessinger – What I am referring to is the (through the automatic emailer) option for members to reset their own passwords as they wish without me resetting it for them on the backend. When I tested it, it sends an email, but the link says it has error: login.php?action=lostpassword&error=invalidkey

Have you tried:
-deactivating all plugins to see if this resolves the problem. If this works, re-activate the plugins one by one until you find the problematic plugin(s).
-switching to the default theme to rule out any theme-specific problems.

Ok, tried deactivating all plugins but this still did not work, then I continued to research the issue, apparently the reset PW link sent in the email misses a character within the link. By clicking on the link, it generates the error, login.php?action=lostpassword&error=invalidkey. However by highlighting the entire link sent in the email, then copying and pasting it into the browser the link works fine. It is unknown as to why the clickable link does not include all characters in the string, but I guess these instructions I can offer for members attempting to reset their own password.

I have a a similar problem, but it is only with users who read the “reset password” email on a smart phone (or maybe a tablet). If I ask them to try again on a desktop or lap top, the link is valid.
I haven’t yet added any trace statements to see exactly what WordPress is receiving for the key, but I suspect that it is either truncated, or missing some characters.

I can elicit the same error in two ways.

Paste in the link and change one char of the key.
Paste in the link and truncate the user name.

The error message is the same.

im also experiencing the same can somebody help? thanks

Started for me with the upgrade to WP v4.7

My issue was the caching on my host wpengine, plus we use an alternative url for login. I contacted support and they excluded my custom login url from the cache.

Thank you sociability. Copy and pasting the link worked for me after dozens of unsuccessful attempts.

“action=lostpassword&error=invalidkey”

exasperating wordpress loop

I’ve read the threads as well and I’m a confident user of this site’s phpMyAdmin to change the password (which I’ve done in several iterations): I still get the text change from the emailed reset link to one that ends as above. I’ve tried using several different browsers as well and I get the same result. If I can’t log onto my site, I don’t know that I can disable plug-ins, etc. (unless this is additional phpMyAdmin activity).

Why can’t a link be sent that works? Thanks for the help!

one last “reset password” click finally worked… somehow… Thanks!

I have the same problem and because we don’t generate the email, we can’t instruct every new user to copy-paste instead of clicking.
Why don’t you fix that bug, it seems easy enough to correct the link, no?

Oh, and I just tried it: copy-pasting doesn’t work.

• This reply was modified 7 years, 9 months ago by MarieDi.

It happened to another of our club members (i.e. Users) today. I have SlimStat installed now and I can clearly see the URL that the user saw.

/wp-login.php?action=lostpassword&error=invalidkey

But, I tried from my 5″ Android phone and it worked for me.
I haven’t yet got a reply from our member. I asked what device they were using and if it worked from a full-size lap-top or desk-top.

I work on a full laptop and I have the problem (when creating a new user for myself).
My collegue works on a desktop and has the problem (when I create a new user for her).

So much for that theory. Seems to be random then.
It never happened to me on a desk top, but did happen (but not lately) on a small phone.