When requesting a password reset, a notification will be sent to the user containing a link to set up a new one.
The notification states the link is valid for 12 hours.
The password reset request itself though will be considered expired after 10 minutes (or whatever value set in the password_reset.request.expiry property).
Steps to Reproduce
1> In Password Reset Process, enable "Email Password Reset URL"
2> Reset Password for a user. Check the email sent from system, it will say the URL is valid for 12 hours.
However the user has to reset password within 10 minutes (or whatever value set in the password_reset.request.expiry property),
otherwise the reset request is expired.
Related Problem: PRB1259511