The previous log protect redaction instructions missed a method used by the patron initiated password reset system. In order to fill this gap, you need to find the <log_protect> portion of your opensrf_core.xml file and add the following line:
<match_string>open-ils.actor.patron.password_reset.commit</match_string>
You should see a number of similar lines already there in between <log_protect> and </log_protect>.
This adds a "Server Add-ons" menu entry under Admin → Workstation Administration in the staff client. Choosing this allows you to edit or set a list of identifiers that correspond to JSAN-style modules found in /server/addons/, and is meant mainly for activating 3rd party modules within the staff client on a per-workstation basis. You need the ADMIN_SERVER_ADDON_FOR_WORKSTATION permission to use it.
Configuration options for activated add-ons may also show up in this interface.