Created from OTRS ticket #9205643
I recently tried to reset my password and I put in the wrong email address when I tried to reset my password. Since I used the wrong email address Wikipedia did not send me a password reset code. I went back and input my other email address and tried to reset my password but I received an error message saying that I couldn't attempt to reset my password for another 24 hours.
I understand you want to reduce fraud and avoid hackers using robots to hack into peoples accounts, however, I think allowing one try per 24 hours is overly restrictive. Most sites allow at least three attempts before locking accounts. I suggest Wikipedia do the same.