I’ve created a custom reset password page on my
WooCommerce site. The reset page was previously
/my-account/lost-password/, but my custom page is
In my theme, I’ve copied over the WooCommerce
customer-reset-password.php so I could customise the URL in the email to point to my new page. The link in the email looks like this:
<a class="link" href="<?php echo esc_url( add_query_arg( array( 'key' => $reset_key, 'id' => $user_id ), home_url()." /reset-password/ " ) ); ?>"> <?php // phpcs:ignore ?> <?php esc_html_e( 'Click here to reset your password', 'woocommerce' ); ?> </a>
Now, when I go to
/lost-password/, and enter my email address. I successfully receive a reset email with the link pointing to the correct page:
Upon clicking on the link in the email, I can then enter my new password and re-enter new password (I’m using the WooCommerce
reset_password_form shortcode to show the form).
However, when filling out these fields, and clicking submit, I get the following message:
This key is invalid or has already been used. Please reset your password again if needed.
I’ve had a look into existing threads, namely:
- WordPress: Reset password always invalid key
- Password reset invalid key error: This one states the key might be cached. I’ve cleared all cache from my server (
WPEngine) and from my browser, but the issue still persists.
Unsure how to proceed?
Source: Ask PHP