Idea ID: 2781500

Modify the password policy expiration mechanism so that the initial password assigned to a new user will trigger the mechanism.

Status : Waiting for Votes
Waiting for Votes
See status update history
Currently, when you create a new user and assign them to a policy that has the "Do not expire the user's password when the administrator sets the password" setting disabled, that new user will NOT be required to change their password upon initial login.

You have two ways of getting the setting to work with initial login:
Assign a password when creating the user, then changing the password once in order to trigger that feature.
Manually set a password expiration date for the user to a date that has already passed.

Both methods involve extra steps that should not be necessary.
I can't think of a more mundane use of forcing a password change than when a new user is created.