Use a boolean for that (make it true as standard) and check this boolean when the user goes to it's homepage. You now probably have a page as starting page. Change that in a microflow that opens that same page. Now in this microflow use the current user to retrieve the account of the current user and check how this boolean is set. If it is true do not go to the homepage but to the page to reset it's password. Adapt the microflow of the save action so that it will set this boolean to false. And make sure that the admin can see and this this booleans for all the accounts. Hope this helps,
Regards,
Ronald