Cancel Password Reset deletes User Account

[stevengopmo]

Using version 8.4, I have the following scenario.

Create new user
User gets email, clicks verify
user logs in, does work
admin sends reset password
user accidentally clicks cancel request
user account deleted

I have the configuration set to not allow deletion

            var settings = SecuritySettings.Instance;
            settings.MultiTenant = false;
            settings.AllowLoginAfterAccountCreation = true;
            settings.RequireAccountVerification = false;
            settings.AllowAccountDeletion = false;
            settings.EmailIsUsername = true;

to send the reset password link I'm calling
_userAccountService.ResetPassword(user.ID);

besides removing the cancel link by providing my own content, is there something that I'm doing wrong here?

btw, I'm sorry to hear you are dropping the project my understanding is MS's project is a *&^%$ to customize.