diff --git a/includes/tfa_reset.inc b/includes/tfa_reset.inc
index bd9fd3c..cdf465a 100644
--- a/includes/tfa_reset.inc
+++ b/includes/tfa_reset.inc
@@ -51,6 +51,7 @@ class TfaBasicReset extends TfaBasePlugin implements TfaValidationPluginInterfac
         'expiration' => variable_get('tfa_basic_bypass_link_expiration', 3600 * 24),
       );
       drupal_mail('tfa_basic', 'tfa_basic_reset_link', $account->mail, user_preferred_language($account), $params);
+      tfa_logout();
       drupal_set_message(t('Further instructions have been sent to your e-mail address.'));
       drupal_goto();
     }
diff --git a/tfa_basic.module b/tfa_basic.module
index 2a30f87..289a18b 100644
--- a/tfa_basic.module
+++ b/tfa_basic.module
@@ -204,7 +204,7 @@ function tfa_basic_bypass_access($type, $timestamp, $account, $token, $custom_ac
     }
     if ($custom_access != NULL) {
       // Invoke custom access control function.
-      return call_user_func($custom_access, $account);
+      return call_user_func_array($custom_access, array($account, $timestamp));
     }
     return TRUE;
   }
@@ -242,9 +242,11 @@ function tfa_basic_bypass_reset($account) {
  * Access control for the reset links.
  *
  * @param object $account
+ * @param int $timestamp
+ *
  * @return bool
  */
-function tfa_basic_bypass_reset_access($account) {
+function tfa_basic_bypass_reset_access($account, $timestamp = 0) {
   $exclude_roles = variable_get('tfa_basic_reset_exclude_roles', array_diff(array_keys(user_roles(TRUE)), array(DRUPAL_AUTHENTICATED_RID)));
   foreach($account->roles as $rid => $role) {
     if(in_array($rid, $exclude_roles)) {