You're really talking about two totally unconnected things here.
2FA isn't involved in the password reset process at all. If a user is resetting their password, as long as they are entering the correct email address and the email isn't being marked as spam, then it should be delivered without issue.
At that point, they can change their password and in future can log in with that password.
After that, however, if they have 2FA enabled, they will need to authenticate with their preferred 2FA method. If they've lost access/forgotten this too then you would have to make a decision as to whether you should reset that for them in the user edit screen of the Admin CP. You should only do this if you're certain that the user is who they say they are.
