diff --git a/rauthy-service/src/password_reset.rs b/rauthy-service/src/password_reset.rs
index 791a9f59..c4daa7ac 100644
--- a/rauthy-service/src/password_reset.rs
+++ b/rauthy-service/src/password_reset.rs
@@ -7,6 +7,7 @@ use rauthy_models::app_state::AppState;
 use rauthy_models::entity::colors::ColorEntity;
 use rauthy_models::entity::magic_links::{MagicLink, MagicLinkUsage};
 use rauthy_models::entity::password::PasswordPolicy;
+use rauthy_models::entity::sessions::Session;
 use rauthy_models::entity::users::User;
 use rauthy_models::entity::webauthn;
 use rauthy_models::entity::webauthn::WebauthnServiceReq;
@@ -218,6 +219,9 @@ pub async fn handle_put_user_password_reset<'a>(
 .await
 .unwrap();
 
+ // delete all existing user sessions to have a clean flow
+ Session::invalidate_for_user(data, &user.id).await?;
+
 // delete the cookie
 let cookie = cookie::Cookie::build(PWD_RESET_COOKIE, "")
 .secure(true)
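Review bot: The `?` on `Session::invalidate_for_user(data, &user.id).await?` returns from the handler before the reset cookie below it is cleared, so a failed invalidation leaves that cookie in place and the user's older sessions still valid. The steps before the hunk are not visible, but if the new password is already stored at that point, the caller gets an error for a reset that has in fact taken effect; it is worth deciding deliberately whether this call should run before the password is persisted, or log and report the failure explicitly. The comment should state the security reason rather than "a clean flow", for example `// revoke every existing session: after a reset, nobody holding an old session may stay logged in`. Whether other long-lived credentials of the user (refresh tokens, if they are issued) are revoked as well cannot be seen from this hunk and should be confirmed. The body of `handle_put_user_password_reset` starts and ends outside the hunk.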