Yes, this is correct.
But then again, if the user tries to log in after the password has been changed and cannot, they can always go back to the forgot password page to reset it once again.
The tutorial shows one way a forgot password page can be configured. You could take the tutorial a few steps further and implement a system where there is a question and answer to be able to reset the password, to safeguard against this situation.