id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
28622	Allow password reset token to expire in under a day	Nijamudeen	Hasan Ramezani	"Currently, the settings only has PASSWORD_RESET_TIMEOUT_DAYS for expiring token, which means it is impossible to set the timeout to hours/minutes.

In many applications a day is far too long and doesn't meet security requirements

It should be possible to configure it using a timedelta for arbitrary expires "	Cleanup/optimization	closed	contrib.auth	dev	Normal	fixed		Zach Liu	Accepted	1	0	0	1	0	0