Force User password reset on logon

Problem Statement

New user account creation and compromised passwords

Who will benefit?

Everyone, this will allow super admin to easily address the need to update passwords when needed but removing the need for the admin to set one and request manual actions to be taken by the end user.

Benefits and risks

What benefits does this bring?
    - Increase Security 
    - Better account creation process(a simple password could be set knowing that the user will be forced to reset it to something unique to them.

What risks might this introduce?
    - a check to make sure the password is reset may be needed.

Proposed solution

when admin sets password user should be prompted to reset it upon first logon, and/or check box added to user page requiring password reset on next logon this box should prompt user on next logon to change there password. once the password is changed it should uncheck the box.

Examples

common practice to require password changes on admin set passwords.

Priority/Severity

• High (This will bring a huge increase in performance/productivity/usability)
• Medium (This will bring a good increase in performance/productivity/usability)
• Low (anything else e.g., trivial, minor improvements)