diff --git a/core/default_settings/app_config.php b/core/default_settings/app_config.php
index 6953cc738d..e53c918856 100644
--- a/core/default_settings/app_config.php
+++ b/core/default_settings/app_config.php
@@ -222,6 +222,14 @@
 $apps[$x]['default_settings'][$y]['default_setting_enabled'] = "false";
 $apps[$x]['default_settings'][$y]['default_setting_description'] = "Display a Reset Password link on the login box (requires smtp_host be defined).";
 $y++;
+ $apps[$x]['default_settings'][$y]['default_setting_uuid'] = "a21a002c-c065-411c-ae56-3d33a09f64b4";
+ $apps[$x]['default_settings'][$y]['default_setting_category'] = "login";
+ $apps[$x]['default_settings'][$y]['default_setting_subcategory'] = "password_reset_domain";
+ $apps[$x]['default_settings'][$y]['default_setting_name'] = "text";
+ $apps[$x]['default_settings'][$y]['default_setting_value'] = "";
+ $apps[$x]['default_settings'][$y]['default_setting_enabled'] = "false";
+ $apps[$x]['default_settings'][$y]['default_setting_description'] = "Set the domain to use in the Password Reset link sent via email.";
+ $y++;
 $apps[$x]['default_settings'][$y]['default_setting_uuid'] = "962ac32c-74ce-4cce-b1d9-89f4d921493d";
 $apps[$x]['default_settings'][$y]['default_setting_category'] = "login";
 $apps[$x]['default_settings'][$y]['default_setting_subcategory'] = "domain_name_visible";
diff --git a/resources/login.php b/resources/login.php
index d8c0b0019d..2d4c21cd02 100644
--- a/resources/login.php
+++ b/resources/login.php
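Review bot: The new `password_reset_domain` description does not say what shape the value must have, yet login.php in this same commit splices it directly into `"https://".$domain_name.PROJECT_PATH`, so a value entered with a scheme, port or trailing slash yields a broken reset link. Suggest tightening the description to `Set the host name (no scheme or path) to use in the Password Reset link sent via email; leave blank to use the request host when it matches a domain, otherwise the user's domain name.` That blank-value behaviour is what the login.php hunk implements, so keeping the two in step here avoids a misconfiguration that only surfaces when a user tries to reset a password.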
@@ -91,7 +91,18 @@ //generate reset link email and body variables $domain_uuid = $result['domain_uuid']; - $domain_name = $_SESSION['domains'][$domain_uuid]['domain_name']; + if ($_SESSION['login']['password_reset_domain']['text'] != '') { + $domain_name = $_SESSION['login']['password_reset_domain']['text']; + } + else { + foreach ($_SESSION['domains'] as $uuid => $domain) { + if (strtolower($domain['domain_name']) == strtolower($_SERVER['HTTP_HOST'])) { + $domain_name = $_SERVER['HTTP_HOST']; + break; + } + } + $domain_name = $domain_name ? $domain_name : $_SESSION['domains'][$domain_uuid]['domain_name']; + } $key = encrypt($_SESSION['login']['password_reset_key']['text'], $result['username'].'|'.$result['domain_uuid'].'|'.$result['password']); $reset_link = "https://".$domain_name.PROJECT_PATH."/login.php?action=define&key=".urlencode($key); $reset_button = email_button(strtoupper($text['label-reset_password']), $reset_link, '#2e82d0', '#fff'); @@ -160,6 +171,9 @@ $password_new = trim($_REQUEST['password_new']); $password_repeat = trim($_REQUEST['password_repeat']); + //strip off @domain if submitted with username, as the valid domain for the reset is already being provided in the where clause below + $username = substr_count($username, '@') != 0 ? explode('@', $username)[0] : $username; + if ($username !== '' && $username === $_SESSION['valid_username'] && $password_new !== '' &&
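Review bot: `$domain_name` is never initialised before the foreach in the new else branch, so when no configured domain matches `$_SERVER['HTTP_HOST']` the line `$domain_name = $domain_name ? $domain_name : ...` reads an undefined variable (a warning under PHP 8) before falling back. Initialise it with `$domain_name = null;` ahead of the loop and collapse the fallback to `$domain_name = $domain_name ?? $_SESSION['domains'][$domain_uuid]['domain_name'];`. Inside the loop, assigning the stored `$domain['domain_name']` rather than echoing `$_SERVER['HTTP_HOST']` keeps the request header out of the emailed link, and the comparison should be `===` after `strtolower`; a header carrying a `:port` suffix will never match here, which is presumably intended but worth a one-line comment. The guard `!= ''` on the new setting also emits an undefined-index warning when `password_reset_domain` is absent from the session, so `!empty($_SESSION['login']['password_reset_domain']['text'])` covers both cases. The block that builds the reset link starts and ends outside the hunk.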