This problem was posted a while ago pertaining to OJS2.4.7 (OJS 2.4.7 Reset Password Link expired).
However, I am having OJS126.96.36.199 and when a user reset his/her password, the link that they clicked on was expired. I did the same to my own account and clicked on the link immediately and was indicated as expired. Having said that, I did receive a new password that I could use to log in to change into a new one. Therefore, the expired password reset link seemed to be working but why stated as expired?
In the config file, I have set the reset_seconds to 7200. Perhaps this is a bug?
Hope to get clarification on the matter.