When requesting a new password within a 24 hour period, you get this error:
A password reset email has already been sent, within the last 24 hours. To prevent abuse, only one password reset email will be sent per 24 hours.
Consider increasing the throttle substantially (maybe once an hour? or every 5 minutes?)