I am using the perishable token magic in authlogic to do password resets. However, it seems that the token is getting reset when a user tries to log in and fails. This is because authlogic is incrementing failed login attempts on the user record. So if the user requests a new password and then tries to log in before resetting the password, the perishable token changes.
Any ideas to get around this?