You can enforce a password change for Office 365 (Azure AD) users without having to reset the password through Powershell.
For a single user:
Set-MsolUserPassword -UserPrincipalName user@domain.com -ForceChangePasswordOnly $true -ForceChangePassword $true
To force all users to change their password:
Get-MsolUser -All | Set-MsolUserPassword -ForceChangePasswordOnly $true -ForceChangePassword $true
You can also use filters ? {} to limit the password change enforcement to specific groups of users.
Note that it is recommended to also use Revoke-AzureADUserAllRefreshToken to end all current open sessions, and immediately enforcing the user(s) to log in again and change their passwords.
Send a link to this post to yourself or a friend.