Webmail Sessions do not expire during password resets
At the moment once a password reset is performed in webmail, the session does not expire. This causes further attempts to browse the account and view the inbox to give errors such as "Authentication plain: Authentication failed".
This will occur until a user logs out and logs back in.
Please can this be corrected so that either the existing session re-auths with the entered password (if possible) or that once the user has reset this, they are then logged out and taken back to the login page to re-auth with their new credentials.