I found the solution based off some other threads.
“Resaving” the page that contains the shortcode did the trick!
It did not do the trick for me ;-(
I changed to https:// and get the same response:
The address (may WP installation)/(page with short code)/?restore=40&_wpnonce=d0e5b50d05
points to that empty page with the message:
Failed security check, expired Activation Link due to duplication or date.
- I refreshed permalinks
- I re-saved all clean login pages and even re-saved the site’s permalink address
- I cleaned the browser cache
- I de-activated / re-activated clean-login
To no avail…
My solution was to copy the address of the “restpre password” link of the email (a one time link, see here and here).
And then open that page in a browser where I was NOT logged in.
Looks like the one time link does a (one-time) login and expects that to happen in the same browser the password reset was triggered.
In my case I could not request the password reset in my default browser (since I was looged in as admin on that site), so I used another browser. But following the link in the email with a click opened the (other) browser where I was logged in.
That at least was my explanation and solution.
I have the same issue and I can confirm that using the link at the same browser where the user started the registration did work. As this was (or is) not the default browser at my try I got the “Failed security check, expired Activation Link due to duplication or date.” message.
Is there something the developer can do about and make it work if the browser differs from the one the registration started!?
Hi everybody,
This is the default way to implement a wp_nonce policy in WordPress, but I’m open to implement this in another way if you have code suggestions.
Alberto.
