Comment by tzs

Note that by doing it that way they don't have to have a special case for handling input of username/password when that password is a new password. Making security critical code simpler is generally a good idea.

Whether it is worth annoying some users in the password reset case to avoid making the login code slightly more complicated is going to depend on your specific situation.