I am trying to find a user friendly way that our organization can Rehash our sha1 passwords to sha256 when we import them into Auth0 for the first time but there are some outliers and I want to know the best options to use through Auth0. There are some main concern.
Problem #1: Looks like through the current API implementation we could only force an email but not an actual reset on there first login?
Problem #2: With accounts that only contain social logins and not an actual user in our data we could create a user and a random password but we need to force a password reset so they can actually be able to login.
Is there away to force a password reset for each newly added user to auth0 during there first login attempt without having to send out an email? We want to eliminate a breach but also avoid having users locked out of there account because of password we created during our import.