I have been encountering a dead lock situation, need assistance from community. Created a sandbox out of Prod, all emails address got appended with .invalid except the one who created the sandbox. now the issue is, I edited a user's email address let say xyz@gmail.com.invalid to xyz@gmail.com then system popped up a confirmation request, upon gave proceed the email address changed back to xyz@gmail.com.invalid and triggered an email change verification email to xyz@gmail.com. here is the catch, on clicking the link to verify email it ask both username and password, were I don't know the password hence trying to reset the password but not receiving the password reset email as the email address is xyz@gmail.com.invalid. I don't think this is a ideal behavior.
Passwords on new sandboxes are always the same as the password for whichever org you created the sandbox from (usually Production), because the sandbox is a snapshot of the org it was created from.
The username in a newly created/refreshed sandbox will always be [username].[sandbox name], e.g. my.email@mydomain.com.sandbox
For future sandbox creation/refreshes:You can create a public group for Sandbox access and add anyone to the group who needs access to the Sandbox (either manually or through User Access Policies).
Then when you create or refresh a sandbox, you add that group as part of the process, and none of these users will have .invalid added to their email address.
