We have been having issues with users who reset their passwords, and after rebooting the next day the system tells them that their token data is invalid. So they need to have their password reset again.
Through experience, I have noticed that users who have to reset their password again have reported that their previous password is similar.
Would someone be able to explain to me what happens when a user resets their password? I would like to know the following:
I realize I may not be giving enough information, so if there's anything else that you would need to know, please ask.