Your password reset link appears to be invalid. Please request a new link below.

Who is your web host?

I’m having the same issue:

It’s something of a loop.

My host is Flywheel – https://getflywheel.com/

My website: https://musicindustryinsideout.com.au/

• This reply was modified 7 years, 12 months ago by martine_cotton.

i have the same Error above.
In my case it seems the error ist only on mobile devices (in my case Androide). On my PC it works properly

Webhoster: https://www.all-inkl.com
PHP7
Wordpress 4.7

I am having the same issue.

I have tested it on a Mac and PC using different browsers and it only worked on Mac Sierra using Chrome.

I am using:

Hosting BlueHost
WordPress 4.7.1
Theme My Login 6.4.7
LearnDash LMS 2.3.1

Having the same issue too ??

Using:

WordPress 4.7.1
TML 6.4.7
PaidMembershipsPro 1.8.13.1

I’m waiting for my admin to see what’s going on with our site because we don’t have server-side caching but obviously something is problematic with caching, because when I change the text on the “lost password” page, it is not posting to the web.

I’m just posting here so I can get notified of activity on this thread until I have more details to share.

Have sorted the issue!

1. I contacted my hosts with this info (after researching across the web):

The Theme My Plugin developer has said it’s usually caused by a server side caching issue? It has something to do with caching at the server/hosting level in some way.

For future reference, here’s what the support rep from WPEngine (hosting) said he did to set up a rule so the “my account” and “lost password” pages never get cached on the server side:

“I did a Varnish exclusion for everything along the path of ^/my-account”

2. That didn’t work straight up, they delved deeper and sent me this:

We have excluded those pages from the cache, along with some additional configurations, and it looks like things are working properly to issue a password reset now.

Hope that helps you all… I’m not sure what the techs did exactly but start there.

Cheers

Hi there – have posted already on several other threads, but since this is such a frustrating and critical issue, I wanted to note what worked for me.

It turned out that our Sucuri firewall was caching the site, and I fixed the issue by excluding the whole Theme My Login directory from caching.

(For any Sucuri users — you can exclude a directory by going to the “NON-CACHE URLS” section of the Performance Settings (under the “Performance” tab on your dashboard. Just a note – after I did this, I encountered a difficulty where the site did not load (timed out) after resetting a password. It did this to several other users as well. Then a Sucuri tech told me it had to do with too many pending queries or something, cleared something out, and then it hasn’t happened since. This might have had something to do with propagating the changes made in excluding the TML directory from caching, not sure.)

Same problem with www.ads-software.com itself. Just tried 5 password resets and got this error every time… There is always spam/bugs/exploits/lame themes/plugins in wordpress… May be we have to wait another 5 years for those to get fixed.

• This reply was modified 7 years, 8 months ago by Wordshit.
• This reply was modified 7 years, 8 months ago by Wordshit.

Helping someone who has this issue with www.ads-software.com itself. She can’t login to www.ads-software.com to report the problem!

Created a new username and have never been able to set a password. Just keep getting the message Your password reset link appears to be invalid. Please request a new link below.

The problem is created when WordPress suspects that you’re a hacker – probably from too many failed login attempts. I was able to get past this by creating a hotspot from my phone – so we were logging in with a different IP address.

I do not think it’s anything to do with WordPress thinking you are a hacker.
I had to create an account to be able to answer this question and I got the same problem and fixed it…

I identified the problem was due to the fact that the password reset link (my test was on a mobile device) includes the greater-than sign ( > ) at the end. If you click the link to let the page load, you can then edit the URL and remove the greater-than sign. Once I removed it and submitted the URL to load the page again, I was able to change my password and login.

Hope that fixes the problem for you all.

ds99: Thank you!!!

Kerio mail service was adding brackets around the URL, and including the stupid closing greater-than symbol as part of the clickable link. I didn’t even notice it.

I just pasted the reset password link into another browser (IE instead of Chrome that I normally use) and everything went right. I was able to reset the password and that logged in on Chrome with the new one.

I found a solution :
into the wp-login.php, i modified the following code on line 332
$message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . ">\r\n";

by

$message .= '' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login') . "\r\n";

In fact, remove the <>.

Had this problem with a new install.

I have access to the backend so created a new user on the database. Nice guide here: https://www.wpbeginner.com/wp-tutorials/how-to-add-an-admin-user-to-the-wordpress-database-via-mysql/

Then logged in and changed the other password.