Regardless of the size of your organization, following best practice security procedures are fundamental to your operation and should never be dismissed. One of these fundamental security procedures is the period resetting of a strong login password — a security task that users are understandably reluctant to participate in.
SEE: Use this checklist from TechRepublic Premium to secure your Windows 11 systems.
In Windows 11, administrators of local user accounts can force members to reset their respective passwords on their next login by making a simple change on a specific configuration screen. Navigating to this screen requires a few steps and may involve a less-than-intuitive flip of more than one switch, but doing so will force you users to reset their Windows 11 login passwords.
Force users in a local group to reset their passwords in Windows 11
For better or worse, Microsoft has decided to make navigating to the correct configuration screen for this process much more difficult than it should be. For example, you cannot reach the proper setting through Settings, and typing “user control” into the Windows 11 desktop search box will not reveal the proper settings area either. Instead, we must rely on an old, but useful, configuration wizard.
To open the configuration tool, press the keyboard combination of Windows Key + R, and type “netplwiz” into the command text box. This will open the User Accounts control panel (Figure A).
Figure A
Click the Advanced tab in the User Accounts pop-up, and then, click the Advanced button under the Advanced user management section (Figure B).
Figure B
Clicking the Advanced button reveals the Local Users and Groups manager (Figure C). Click on the Users folder to reveal the list of local users. This screen is where we will make our settings changes to force users to reset their passwords.
Figure C
Right click a username from the list, and select Properties from the dropdown context menu, which will open the Properties screen for that specific user (Figure D). We are interested in the set of checkboxes at the bottom of this screen.
Figure D
We want to place a check in the first checkbox, which is labeled User must change password at next logon. But, in many cases, that setting may be grayed out and unavailable. To make it available, first uncheck the box labeled Password never expires.
When the change to settings is complete, click Apply and then OK to finish the process. Perform this task on other users from the list as you see fit, and when you have finished, you can exit both the Local Users and Groups manager and the User Accounts control panel.
Now, the next time a user logs in to Windows, they will be asked to reset their password following the standard rules for password creation.
There are other methods for forcing individuals to reset their Windows 11 login passwords, which involve administrative tools found in Azure. These tools are designed for organizations with more than a few users and require more in-depth tutorials.