Uncategorized

Having trouble resetting passwords via Outlook ?

Problem Statement :

Users have trouble resetting their passwords because the Salesforce password reset link expires soon upon request.

Case 1 : Whenever the system administrator initiates a reset password for a user, the user receives the link to their email address, but the link expires as soon as the user clicks it.

Case 2 : Whenever the user clicks the forgot password link in the login screen, a reset password link is sent to the user’s email address, but the user is again redirected to the login page instead of the reset password screen.

Reason for the link to expire :

This issue is attributed to the Safelink validation or the email server protection, where the forgot password link sent from Salesforce is designed for one-time use only. The link is being attempted even before reaching the customer’s inbox, causing an error when clicked, as it’s considered already expired.

Known software that can cause the password link to expire :

  • McAfee feature ‘Link Protect’
  • Mimecast Anti-spoofing software
  • Covenant Eyes – Internet Filtering
  • Outlook all versions (corrupted rules)

How to resolve this?

Navigate to Setup → Profiles. Click Edit against the user’s profile you want to modify the settings.

Screenshot

Scroll down to the Password Policies section.


Enable  the ‘Don’t immediately expire links in forgot password emails’  policy setting in the user’s profile.

The ‘Don’t immediately expire links in forgot password emails’ policy bypasses the email server protection that causes the link to expire.

After enabling the setting, the user will be able to reset the password either using the reset password or by directly clicking the forgot password link.