Operator context
Longer answer
The technical constraint is non-negotiable. Different platforms use different password hashing algorithms, and Shopify enforces its own hashing standard for security consistency. Cross-platform password import would require storing plain-text passwords, which no platform should do. The reset-on-first-login flow is the security-correct alternative.
The operator playbook for managing the reset has three components. First, a proactive customer email sent 48-72 hours before launch explaining the upcoming change and the reset requirement. Frame the reset as a security improvement (true) rather than a technical limitation. Brands that send this proactively see two-to-three-day support spikes and then normalisation; brands that skip it see sustained backlogs.
Second, customise the Shopify default password reset email. The default is generic; for migrated customers, explain why the reset is happening (the migration). Include the brand visual identity and a clear call-to-action. The customisation takes minutes and materially improves completion rates.
Third, staff support capacity for 3-10x normal volume in week 1 post-launch. The spike is predictable; brands that staff for it absorb the volume without creating a queue crisis that generates negative reviews. Follow-up emails at two and four weeks post-launch recover 20-40% of customers who did not complete the reset initially.