This looks very similar to the same problem I was having (though mine was a new account being forced into its initial password change -- but the same error on trying to submit the password change), so it's interesting to hear that it's not just me.
I had some discussion with Dave (dave64 on irc) about this but it didn't come to any useful web-based conclusion. I have shell/sudo access and wound up running the change password php script that way, at Dave's suggestion. So I guess I'm not much more help than "you're not alone", but maybe Dave can dig further On Tue, May 12, 2015, at 06:53 AM, Nic Bernstein wrote: > I've already spoken up about trying to do something about this, but to no avail. I'll volunteer to at the very least uncrap things a bit. However, the current site has some problems with the authentication system. I have credentials on the site, but had lost/forgotten the password. I used the password reset facility, but now when I log in I am asked to change my password, and that process always results in this message: >> There seems to be a problem with your login session; this action has been canceled as a precaution against session hijacking. Go back to the previous page, reload that page and then try again. > So I'm stuck. If someone can fix this, fine; please do so. If not, I can register again, but then need someone with authority to authorize my new account, and I'll probably be asked to update my password, and... (wash, rinse, repeat). >