Your password reset link appears to be invalid.

  • Hello,
    I am having trouble for users to reset their password.They get a link to their email address with a reset link but when the link is clicked on, then they are taken to the reset password page saying the following:

    Your password reset link appears to be invalid. Please request a new link below.
    The url of that page is: mysite/wp-login.php?action=lostpassword&error=invalidkey

    I am using the latest WP version and use Theme My Login plugin. I deactivated the plugin and the issue still occurs. I also asked my host to purge the cache and still the issues remains.
    I read on other forums that people whitlisted Theme MY Login from the cache but my host (bluehost) said they cant do that. I think it has nothing to do with the plugin but with WordPress.

    I havent found any solution reading through other forums with the same issue. Can you help me please?
    Thank you!

    The page I need help with: [log in to see the link]

Viewing 9 replies - 1 through 9 (of 9 total)
  • Moderator bcworkz

    (@bcworkz)

    If there were a problem in core WP, everyone would be reporting issues. It’s something unique to your installation, which in part could include WP. That message is generated when there is a issue with the supplied reset key beyond it simply expiring, or if there is an issue with cookie handling.

    Are you able to replicate the issue yourself? Or is it just reported by others? If you cannot replicate the error, it’s probably due to failure in cookie handling. Some plugins still leave remnant code even when deactivated. You might try completely deleting the plugin through its “Delete” link in the plugins admin screen. Plugins are supposed to completely clean up when this link is used.

    Errors can also arise due to theme or plugin conflicts. Try deactivating (not delete) all plugins and switching to the twentynineteen default theme. Resets should now work. Restore your normal configuration one module at a time. Test resets after each. When resets fail again, the last activated module is the cause.

    Thread Starter schossie

    (@schossie)

    Thank you for your reply!
    Yes I am experiencing the problem myself.
    And also with test users.
    I have not much knowledge about these things. So when you say failure due to cookie handling, has this something to do with my computer/network or the one of others?

    This might be a stupid question but when I delete the plugin where can I login then? Or others? Because the login link doesnt work anymore and I havent found the wp login Url….I think theme my login uses the wp-login so it should work I just dont know how…
    Thanks!

    Thread Starter schossie

    (@schossie)

    Ok, sorry I think I found it. It is also wp-admin…

    Thread Starter schossie

    (@schossie)

    I just deleted the plugin and it doesnt change anything either…that is why I thought it has something to do with the wp login. When I login via wp I still get the same error message.

    Also deactivated all the plugins and changed the theme and I still have the same problem…

    Moderator bcworkz

    (@bcworkz)

    Thanks for trying those things out, it helps eliminate potential sources of the problem. One other thing to check before I set you onto the final solution. Assuming an Apache server, check the .htaccess file for any sort of redirect or rewrite rules involving wp-login.php. If not Apache, redirect rules lie elsewhere. Comment out any such rules found by placing a # at the head of the line. Keep a backup of an unaltered file ready to restore just in case the edits cause 500 status errors.

    If there’s nothing there, the only remaining conclusion is that your WP core code has become corrupted. To fix this, please preform a manual update.

    Thread Starter schossie

    (@schossie)

    Thanks for your reply again, but omg you are talking chinese to my right now ??

    Do you think my hosting provider would do that? I have no idea how to access those files. I also dont understand what you mean by redirect rules.

    Thank you for your help!

    Moderator bcworkz

    (@bcworkz)

    Sorry for foreign tongue, it’s hard to judge people’s experience level. What hosts will do for you varies wildly. It doesn’t hurt to ask though. If you can manage to download the .htaccess file from the WP installation folder by either FTP or your hosting panel’s file manager and open it in a text editor, I’d be willing to take a look at the contents. Copy/paste the content to pastebin.com and provide the resulting link here. Scan the contents first for any personal information that shouldn’t be public. There shouldn’t be, but one never knows.

    You could proceed with the manual update measure without checking for rewrites if you want. If the problem persists afterwards, then we’ll know for sure it’s something external to WP like a rewrite rule. After the manual update, stay with a default theme and no plugins until we know if the problem persists or not.

    Thread Starter schossie

    (@schossie)

    I just had a long and complicated talk with the hosting company and in the end he said I dont need to download it but just copy and paste the code here…

    So please tell me if that helps you, thanks!
    This is the .htaccessfile from the public_html folder

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ – [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress

    Moderator bcworkz

    (@bcworkz)

    If that’s all there is then it’s all correct. Please proceed with the manual update as described here: https://www.ads-software.com/support/article/updating-wordpress/#manual-update

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Your password reset link appears to be invalid.’ is closed to new replies.