I am creating an account for someone else and then sending a password reset.
Does the password reset token expire? If yes, how long until it expires?
Hello,
It expires after 24 hours.
1 Like
So is there a way to display something that the link has expired when they click on it after 24hrs? Then generate a new one?
Just my customers are getting confused as they click on the link 2 days later and cannot change the password.
1 Like
It’s not something we can add quickly, but we’ll put that on the wishlist.
1 Like
As an interim solution, perhaps have a flag on the user’s profile (or user change’s log) that stores the expiration date (ie. Current Date/Time + 24 hours).
Then on the password reset page, have it do a check: if Current Date/Time > expiration time, show prompt for requesting a new reset.
I believe this logic would make sense with the current password reset setup. (ie. the email link goes to your password reset page, then Bubble only checks to see if the request is valid once the request is submitted, not on page load).
4 Likes
@dan1 thanks for the suggestion. I might give this a try for the meantime.
Because the user has not logged in yet. How will I do a check on the user to match the email reset link?
Here’s a workaround idea:
create another database type called password reset token or two fields on the user profile. It should record the unique ID of the password reset (which is included as a part of the readable URL included in the password reset email) and specify the valid until date (current date/time + 24 hours).
Then, on the password reset page, have your workflow reference the “reset” parameter and “Do a search for” unique ID’s that match that. (You could theoretically use a workflow for When the page loads).
It may not be the most elegant. But that’s what I propose as an interim solution.
1 Like
Does the reset password token still expire in 24 hours?
Is it possible to change the expiration date?
1 Like
Hey, @akio.imaike,
It still expires in 24 hours and I think the expiration date can´t be changed 
https://manual.bubble.io/core-resources/actions/account#reset-password
1 Like
Really appreciate your kindness!
Would be great to amend this to this documentation also Account - Bubble Docs @bubble
1 Like
I’m still having this issue. I have admin users send their users a link to set up their accounts but rarely does a person use it within 24 hours.
How can I let my admin users send their users a link to get to an account creation process that doesn’t have an expiring link?
Thanks!
Sounds like you would want to create the account for them (if its not made already) → assign a temporary password → Email them the info for them to change it
Hey ! i’ve got the same pb. I read that make expiration time longer was not possible yet in 2024. Is it now possible ? Because users usually don’t have time to click within 24H… Thanks
1 Like