If your system has multiple users and one of the user’s password got leaked, you can force that user to change the password on their next login. This is particularly useful to make their account secure and safe.
There are multiple ways to force a user to change the user account password when they log in the next time. For example, you can set a group policy to expire the user account password after a set number of days. At which point, Windows will ask the user to change the password. As you can guess, this method is not immediate.
If you are looking for immediate action, you can use the advanced user account settings tool to force the user right now. The good thing about this method is that it is one-time use only.
Note: The below method only works for local user accounts. If you are using a Microsoft account to log into Windows 10 machine then you have to inform the user and ask them to reset their MS account password.
Steps to Force Users to Change User Account Password at Next Login
1. First, open the start menu, search for “netplwiz” and click on the result. This action will open the Advanced User Management tool.
2. In the Advanced User Management tool, go to the “Advanced” tab and click on the “Advanced” button.
3. The above action will open the Local User Management tool. Here, open Users folder, find the user account for when you want to reset the password, right-click on it and select “Properties” option.
4. In the user properties window, select the “User must change password at next logon” and click on the “Apply” and “Ok” buttons to save the changes.
That is it. You are done configuring.
The next time the target user tries to log into the system, Windows will show a message something like this and forces them to change the password.
As soon as they click on the “Ok” button, Windows will prompt for both the old and new password. It will not ask for new security questions though.
Once the password is changed, Windows will let the user know the same. From now on, they can log into the system with the changed password.
As you can see, it is pretty easy to force a user to change the password in Windows. Like I said earlier, this is a manual procedure. If you want your users to change the user account password after a set number of days then you have to use the Group Policy Editor and set password expiration rules. These rules will be applicable to all users and user groups.
Hope that helps. If you need any help or got stuck, comment below and I will try to help as much as possible.