Hi @locorider,
Welcome to the Auth0 Community and thank you for posting your question.
Firstly, I appreciate your insights on the matter, since the statements mentioned above are correct, as documented in our documentation about Selecting through multiple connections.
The reason why when using the Identifier first or Home Realm Discovery in the Universal Login you can not use both username-password and a passwordless connection is that unlike other connections the Passwordless one is by default sign-up free, meaning that the user does not necessarily need to a have a pre-defined account in order to sign in. Usually they can just input their email address, enter the one-time code and a new user is automatically registered.
The New Universal Login is considered to be the safest option when choosing your UI, so by switching dynamically between a passwordless and a password authentication , then if a user was not found in the username-password connection, it could unexpectedly create a new passwordless user. This can lead to unintended access issues, duplicated accounts or other security risks.
As for solutions regarding your use case, i believe you have already mentioned the only workaround, which involves creating a custom UI with backed up logic that checks for available authentication methods, while a brief example can be checked under our Lock configuration.
However, I also find this proposal very interesting, so I would encourage you to create a Product Feedback about this since it might receive multiple votes.
I hope this helped.
Thanks,
Remus