The reset password link sent to the users via email is set to expire after two days by default. If the user attempts to use an expired link, a message is displayed recommending they start the process over by clicking the forgot password link. The amount of time users have before the reset password link expires is controlled by the Emailed Password Link Valid For Days setting.
Changing the setting
- To change the setting, go to the Admin Console > Administration > System > Settings.
- Use the Search box in the upper right corner and enter Emailed
- There are two settings that control password reset link, one for the website (Storefront Security) and the other for the Admin Console (Console Security):
- Select the desired setting and change the value.
- Click Save.
Updating the message
The 'Reset password link has expired' messaging can be modified by editing the Expired Reset Password Link widget in the CMS. This widget can be found under Home > My Account > Expired Reset Password Link.
- Click View Website.
- Change Content Editor to show On.
- If necessary, select the desired website.
- Click Show Content Tree.
- Click Edit in the upper left corner to expose the page editing options.
- Using the chevrons , expand Home, then expand My Account.
- Click the Expired Reset Password Link page.
- Click Edit for the Rich Content widget.
- Make the desired changes to the content
- Click Save.