NOTE: This error can occur for people that use Outlook.com, Office365, or Office for Desktop (2019, 2016, and previous) to check their email.
If you have recently (or repeatedly) requested a password reset using the Forgot Your Password link and upon clicking the link in your email you are given this message:
Here are some steps that you can follow to help resolve this error:
- Use the Forgot Your Password link on the login page (or your custom login link) to request a new password reset link. In your email inbox, make sure you are opening the more recently received email (check the date and time). If the link in the email gives you the above error, proceed to Step 2.
- Use the Forgot Your Password link to request another password reset link. Right click on the link in your email and select Copy. In your internet browser (Google Chrome is preferred by Salesforce), Paste the link in the address bar and press the Enter button on your keyboard. If you are still getting the above error, proceed to Step 3.
- Do not request another password reset link yet. Follow Step A if you are using Outlook for the Web and follow Step B if you are using Outlook Desktop on your computer.
- Outlook for the Web: In your email, locate the last email from Salesforce with a password reset link. Use the three dots (More Actions) button and select Add to Safe Senders.
- Outlook Desktop: In your email, locate the last email from Salesforce with a password reset link. right click on the email and select Junk and then Never Block Sender. You may be asked to add this email address to your Safe Senders List and click Yes to do so.
Adding the Salesforce email as a Safe Sender will stop Outlook from blocking the password reset links. Now, you can use the Forgot Your Password link to request another password reset link and click on it to open it.
- Outlook for the Web: In your email, locate the last email from Salesforce with a password reset link. Use the three dots (More Actions) button and select Add to Safe Senders.
System Administrator Permanent Solution
If Users are repeatedly having this issue, it is possible to enable a feature that does not allow the reset password link to expire as soon as it is clicked.
To enable this feature:
- Log into your organization's Change Machine instance and click on the Setup icon. Select Setup to access the Salesforce backend settings.
- In the left-hand side menu, navigate to the Users section and then click on Users.
- To the far right of each User name, look at the User Profiles that are in use. Generally, more Users may have either the Standard User or System Administrator profile but your organization may use others.
- Click on one of the User Profiles.
- On the selected User Profile page, at the bottom of the page in the System section, click on Password Policies.
- Click the the Edit button to make changes.
- Check the box to the right of "Don't immediately expire links in forgot password emails". This setting enables an additional page after clicking the password reset link with a Reset Password button that must be clicked before being allowed to reset the password.
- Click Save to update this change.
- Repeat these steps for EACH User Profile that is currently in use by any active Users.
After this setting has been updated, Users should no longer see the error on the login screen after clicking on the password reset link in their email.