TOTAL SSL FAILURE - recovering from heartbleed - openssl security

openssl has been identified as including a fatal flaw - see here: http://heartbleed.com/

so the https function of sites needs to be reset - and all passwords for all users also reset.

is there a more effective way of doing this in elgg, other than sending a direct massmail request to all users? is there a plugin to force all users to change passwords?