I have a FGPP already in place that includes "complex password requirement". But upon testing it seems that the only way for the complex password requirement to takes effect is if I force users to change password at next log on or force their existing password to expire. The problem with both of those solutions is that 40% of the users already have a complex password. I do not want them to have to change it again.
What I want to do is this, when a user logs onto their computer they will type in their password. If the current password is not a complex password they will be forced to change it. if password is already a complex password then they can log in as normal with no interruptions.