If this wish is granted we need this to be optional, because we deliberately turned this off. It gave us problems when logging in the first time with Citrix and the Microsoft Authenticator. > When logging in the first time in Citrix you need to change your password. But before you can do that you first need to instal en set the Microsoft Authenticator. But you can't do that if the account is asking to change the password first. So the process is going in a loop.

If you are using Active Directory, you should be able to set the option "User must change password at next logon" through an account create script.