0
How can I make sure the currently logged in Administrator account will be forced to change its password, upon the next logon, and only on this next logon.
This is a standalone Windows 7 (Home Premium) machine, with only a single user ('me'), no domain controller, no network policies, etc.
BigBelly
Posted 2018-06-23T20:07:53.263
Reputation: 11
2
This is not possible on a Home Premium version of windows, and needs a Business or Pro version or higher, as it requires local group policies to exist.
If you upgrade windows 7 to Business Premium, then the following part of the answer can be used:
You can do this from Computer Management.
Go to the control panel, Administrative tools, then Computer management.
In the left menu, find Local Users and Groups.
Open it, and go to Users.
You will find a list of all users on your computer.
Double click the user you want to edit.
You will find a box that says [ ] User must change password at next logon. Check the box and hit ok.
This option will be grayed out for domain users because domain users are controlled through Active Directory. I know this is not applicable for you, but I'm listing this in case someone else finds this that has a pc that is joined to a domain.
This feature exists in every NT version of windows, going back to Windows NT 4. It also is included in Windows 10.
LPChip
Posted 2018-06-23T20:07:53.263
Reputation: 42 190
0
This series of steps should give the impression of the "password must be changed on next logon":
According to this Windows Central article, you can configure an account's password to expire with WMIC:
wmic UserAccount where Name='USERNAME' set PasswordExpires=True
Note: Replace "USERNAME" with the name of the account you want the password to expire.
This causes the account to expire after they reach their max password age. You can configure the max age for all accounts on the machine to 1 day with:
net accounts /maxpwage:1
Finally, create a batch script and put it in the Startup folder of the target user's account to disable expiring passwords with the command:
wmic UserAccount where Name='USERNAME' set PasswordExpires=False
I say Reinstate Monica
Posted 2018-06-23T20:07:53.263
Reputation: 21 477
Will this work on a Windows Home Premium too? Given that this is a policy setting you are changing, and policies are absent in the Home Premium version, I doubt this will work. – LPChip – 2018-06-24T10:45:25.420
I don't see why not. Keep in mind Home Premium and Pro are the same under the hood, but the former just has certain features "turned off." In my experience, policies are not among those disabled features. As long as you can set the policy, the OS will enforce it. – I say Reinstate Monica – 2018-06-24T12:18:18.587
I have other experiences of forcing a policy on but the OS simply ignoring it. – LPChip – 2018-06-24T13:15:02.220
Hopefully someone can try it and let us know. – I say Reinstate Monica – 2018-06-24T13:47:15.417
0
Here's what I found worked for me on Windows 10 Home.
wmic UserAccount where name='John Doe' set Passwordexpires=true
Followed by
net user "John Doe" /logonpasswordchg:yes
joat
Posted 2018-06-23T20:07:53.263
Reputation: 1
Is there maybe any method of doing this directly with regedit or something like that? – BigBelly – 2018-06-23T21:14:03.900
Not to my knowledge. – LPChip – 2018-06-23T21:14:30.523
If it is your goal to install windows to a pc, then place it at a customer site and have them come up with a password once, you could consider creating a slipstreamed install and abort the install once the "create user" screen comes up, and let them execute that stage. Its an out-of-box experience. – LPChip – 2018-06-23T21:16:41.013
I'm giving away an older laptop for a charity fund raiser. I've restored it to factory specs, applied a ton of windows updates, remove bloatware, etc. But I would like the user to force the new owner to change his/her password. So it's a one time afair really. – BigBelly – 2018-06-23T21:24:04.400
I would remove the password then and make setting a password something the new owner must do. Not make any hastle of this. – LPChip – 2018-06-24T10:44:12.607