Cannot reset password for the main account in Confluence

I've tried installing the latest Confluence, also created a dedicated windows account to run the service and gave that account read & write permissions over the Confluence Home dir and the logs, temp and work subdirs in the Confluence installation dir.

And I still get an exception when clicking the link in my email:

Oops - an error has occurred

 System Error

A system error has occurred — our apologies!

...

Cause

com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException:

...

    at com.atlassian.crowd.embedded.core.CrowdServiceImpl.updateUserCredential(CrowdServiceImpl.java:318)

caused by: com.atlassian.crowd.exception.ApplicationPermissionException:

...

    at com.atlassian.crowd.integration.rest.service.RestExecutor$MethodExecutor.throwError(RestExecutor.java:522)

Stack Trace:[hide]

com.atlassian.crowd.exception.runtime.OperationFailedException: com.atlassian.crowd.exception.ApplicationPermissionException: ��Z�s�����B�z��eI�;)�^ ��d��veoЫ��_��~��a����ޙ�3X:�;�g ��I��؈4Y�_���D����"!��9 )�$S��οFM� ��M�@c�ٓ���$�4�ִ�ɂG�B��,UA> �ݢ���nS�:�� ˬ@�|�Z ��NF�j��: ✢L/�rM3~�h Eے���," �qA+����^/�+�O��xC�;��)F�@�S$^���b��I �r���QLIz��~�R�.�ԇW�k���_��~y\ ���)X�i����DlW�?��� ĢM�V0�4�z�y���!�)g��z�$� iHX��*y��2�= ���y9�t�ə����Ԛ�34���5������n����|�h��y�Ⱥ��߷e��{���MY��h������X��G��g� �@,ۿ���ė�z��:]4�2�JH���)KX[���r`z��5�c�oS?�!i�_Ӓ�-O�@�t���&h� ����C�c���+u#D�O c��vԀR��3��&[a|1�� e+��)� ��/(��Ҳ���XU��&߾ܫ~K�Nc�p��]l'���m��R�>
*[�� �[�咺��zɒ6���=Wk����pI�{X��p)�z�t�G]����J*�)� �I�Im.hL#$h�i�d��ږ41] I�?��TV�g(%���8/���e�����ĨLd�+�ׇ-�=f|W���rƨ3.k�sǰ7����M���&@y���}�5��
*O0 ����sӇO�ߐ� ��1lB�|������.�}�>)/���`�U�T �WS�BH��'��
v��M-x� &?̩.�;�:tٯ�tL��$���Q����a�Z�w5�3!P�Gi��:~ �qF3���1��Л�~U+嫩.a�f�>�����j�p��$|T� �'FM��Ig��4% ����a��EgXC���L �5��fy� ?\X�e�䰺%4��>�[��|��{�{O?\dz.�H;ز=d���M9���u$��H�k�)7�j_YceF�- H�e�z��[��F��p�x�P��#�ƃ��j ��P�c�5\��*,��;�j9�U�V�4 1�� �� �hU��4*���"ڿ'Qu�3��c��g�?}�xk�[��%Sƌ����"(���fZ㏵@�&��VrW��S���s�䮫��i�Q���4e�t��-b�< 6�� u�z�Ey �f+HYD9&����xS4e š�0*�B˙��Є(�J�bCyU���(��x���yaE��]u��S��@���\�"'��
��@�;ױ /��ڇ��{/�Y�L�:��0���![B�!�������1Z
	at com.atlassian.crowd.embedded.core.CrowdServiceImpl.updateUserCredential(CrowdServiceImpl.java:318)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
	at com.atlassian.spring.interceptors.SpringProfilingInterceptor.invoke(SpringProfilingInterceptor.java:16)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
	at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
	at com.sun.proxy.$Proxy90.updateUserCredential(Unknown Source)
	at com.atlassian.crowd.embedded.atlassianuser.EmbeddedCrowdUserManager.alterPassword(EmbeddedCrowdUserManager.java:180)
	at com.atlassian.confluence.user.ConfluenceUserManager.alterPassword(ConfluenceUserManager.java:105)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
	at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
	at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282)
	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
...