This is the basic Linux Admin stuff, enforce the user to change password at the first login. Usually, the administrator will provide the first-time login password and the user should change that to something more secure and their liking. But to enforce this change, Linux has an option to expire the user password forcefully.
Let us explore.
Setting the user password to expired.
Admin can set the user password as expired using the passed command. the syntax is,
passwd -e <USERNAME>
[email protected]:~# passwd -e codex passwd: password expiry information changed.
Next time, when the user login, they will be forced to change, as shown below.
With this, the root user has enforced the user to change the password upon the next login.