Skip to main content

I’ve had 3 members this week tell me they get “token invalid” when trying to reset their password. Why would that error occur when they are going immediately to reset it?

Hey @Kgastaldo so this sounds like there’s some security software on these users’ inboxes thats stripping the ?token= parameter from the url bar. For example I do know that customers have reported that security software by Mimecast has been known to cause this issue - i’d advise you ask these users to contact their IT department to see if they’re able to put in a whitelist for the email notifications coming from your community? It seems that some security software doesn’t like the fact the platform submits this ?token=  in the url as it thinks it’s either some form of attack or a vulnerability (when in fact it’s neither).


I’ll pass that along, thank you!


Hi, are there any updates on this? 

@Kgastaldo did that turn out to be the right solution? 😊


I’ve suggested this to users, but mostly I’ve just been changing their password in the mod console and having them update it after they’ve logged in. Not the prettiest solution, but going fine!


That’s a much quicker solution!
I think it’s a bit prettier than having to contact the IT department 😬
Thanks ! I’m having the same issue with a user and I’ll do it like that.


Yep - I get the impression they don’t bother to talk to their IT a lot of the time. Once they’re back in the community, they can just change the password from their profile. 


Reply