Can access my account without resetting password

[ana0]

Not sure what repo this best belongs in ...

This is a bug with the website signin for making api keys. Steps to reproduce:

1. Click login
2. Click forgot password
3. Put in your email and click to confirm you want to reset your password
4. When the email arrives, click the link inside to open the password reset page - DO NOT ACTUALLY SET ANY NEW PASSWORD
5. Close the reset page tab
6. Open a new Infura tab and you'll be logged in

Not a security hole necessarily, since you have to click the link in the email, but probably not the desired behaviour here either.