The security of your computer In preventing unauthorized access by anyone attempting to sign In, Is only as good as the local user account password that's used to protect It. Changing It on a regular basis Is Imperative, however many users become complacent and simply stick with the same one for the majority of their computing tasks. As such, In this tutorial, I will show you how to force users to change their password when logging In.
Before I begin, do note that this pertains to local user accounts, and not those created with a Microsoft account. Whether you're operating In a business environment or simply a home network, It's of the utmost Importance to change passwords every so often. Why? Well, If someone has knowledge of your currently used password, they can login to your PC anytime they please. Implementing a new one, will obviously prevent this altogether.
Whether your users like It or not, I will demonstrate how to force them to change their password the next time they sign In to their account. Failing to do so, will prevent access to their computer. To achieve this, I will use the Local Security Policy, which Is only available In Windows 10 Pro, Enterprise and Education editions. So without further delay, let's get this tutorial started.
Step One:The first thing you need to do, Is access the Local Security Policy. Open the Run menu, enter lusrmgr.msc and hit OK as shown below.
Step Two:The Local Security Policy will now open, so click on Users, right-click on the local user account that you wish to apply the password change, and then click on Properties. In my case, the account Is named Windows 10 Tips.
Step Three:Next, hit the checkbox as highlighted In orange, and click OK to finalize the process.
Step Four:At the next sign In session, the password must be changed. Let's put It to the test. I've rebooted my computer, and It's prompting to enter my password. I've done exactly that, and hit the Enter key on my keyboard.
Step Five:A message has been returned, saying that the password must be changed before signing In. As such, I've hit OK.
Step Six:I'm now forced to change my password, by entering a new one and confirming It In the respective Input fields. Let's see what happens when I hit the arrow sign.
Last Step:As you can see, a message of Your password has been changed has been returned. Perfect! Everything has gone according to plan.
Final Thoughts:Windows does not prevent users from using the same password during the change, thus for the above Implementation to be effective and prevent password reuse, you must enforce a password history. In doing so, the same password cannot be used In succession. I've documented a tutorial on this, so simply use this blog's search function, or view the Security Related category.
It's also worth mentioning, that the password change only takes effect once, meaning every time your users change It, you'd need to reapply It (when you're ready to force another change) via the Local Security Policy.