I have spent hours trying to make first time login flow easy for the users of our service.
It should go like this:
1) admin registers the user
2) the user gets the email with the one-time login link
3) when using the link, the user is asked to select a password (and very preferably nothing else)
4) right after this the user is redirected to one specific page
I have tried combinations of modules like rules, logintoboggan, password policy, force password change etc., but always something goes wrong. For example with password policy module the old password is asked for first time login or forgotten-password. Otherwise it would be ok solution.
It seems ridiculously hard to do when thinking that this is exactly what many (if not most) webservices need - it is 2013, you are not supposed to leave your users wondering on the lengthy profile page what to do next. Seriously, I bet if one checks how many users drop out from the current default first-time-login or forgotten-password flows, it is ridiculously high number. They go on clicking something else than the submit button down below the page (often below the fold).