Yael,
My users were unable to set a new password using “reset password”. The page reported that the key was invalid. If a logged user tried to access the link, he could view the page normally.
I was thinking that it was permission issue but I resolved by changing the file /includes/class-theme-my-login.php line 380:
from:
if ( ! $user || is_wp_error( $user ) ) {
to:
if ( ! $user ) {
