We have a lot of impatient users who request multiple password resets within a few minutes. Inevitably they click on the first email that arrives which contains a reset nonce that expired because a new one was requested.
This issue is difficult to diagnose and explain to our users. It would be far easier if nonce-expiration were not sequence-based
Ian Bonner
Thank you Ian for the feedback and suggestion! We'll look into this as a future feature change.
Blueconic handles this nicely