I found three problems.
1) on the forgotpassword page you had the password column set to MemberID instead of password
2) on the reset_password page the userID variable used to filer the recordset and set the update was set to a session variable that wasn't set instead of the url parameter passed to the reset page.
3) The update server behavior on the reset page wasn't actually encrypting the password before updating the record
After fixing those three issues the page seems to be working properly.