When a user requests to get a password reset link, and they click on it within moments after it arrives, the link is immediately expired.
This is a known issue. Users can only reset passwords from the Master Site, since users only belong to the master portal and the roles cascade from there. This has been resolved in DNN version 9.2, since the reset password process now retrieves the user's information directly from the master portal. If upgrading is not possible, the workaround is for the time being to reset the password from the Master site.
Product: DNN 9.1.1
Article By: Michael Ayoub