Hi @caward24,
Welcome back to the Auth0 by Okta Community!
I understand you are worried about the possible friction with having users reset their passwords. These are the solutions I’d recommend:
As an Admin, you are able to force a password reset via the Auth0 Dashboard or the Management API.
If you are worried about the flow of the email of the password reset, you could block users from logging in via their “email_verified” attribute. Users are then forced to use the forgot password flow configured on the Universal Login. This solution is described in this post:
Please let me know if there’s anything else I can do to help, I’m glad to clarify further.