Password reset for Google Suite Organization

Hello, I have google suite customer that has about 30 users and the owner wants me to force everyone to change their email password. I haven't found a place that I can force the entire organization to do a password reset nor a way to go to each account and force a password change the only thing I could think of is send out an email telling everyone that we are planning on doing a password reset on a date and time your password will be abc12345 and when you enter that password it will force you to change it to a password of choice. This idea just seems like I am creating a morning full of phone calls. Also was going to send an email with instruction on updating email password for android and IOS prior to doing this to cut down on the calls for that issue.  Any thoughts on a better way or something I may not be thinking of?
Deerek11Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AlanConsultantCommented:
Hi,

Personally, I believe that forcing password changes is actually a negative for security in general.

I would be talking to the owner, and trying to understand why they want to do this.  Perhaps they talked to someone who said they should, but that someone is a bit clueless or stuck in the past.

If they have reason to think that one password has been compromised, then change that one password.

On the other hand, they might have reason to think that many or all of the passwords have been compromised (for example, an employee was found to have been asking for and keeping a record of everyone's passwords) in which case, maybe a mass change is warranted.

The possibilities are numerous, but I would definitely want to understand what threat they *think* they are addressing, so that I could advise them on the best way forward.


Alan.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Deerek11Author Commented:
I always thought a good password reset schedule is good possible every 90 days or so ....  But you would advise not to change email passwords at all or this is a thing of the past a good stong password doesn't need to be changed often?
0
AlanConsultantCommented:
I world ask what risk you are trying to mitigate by forcing a password change?

Many people, on being forced to change their password, either add a number to the end, or rotate between a few passwords, or write them down.

If someone has a good password, and it has not been compromised, why change it?

I note that some government agencies do advise changing passwords periodically, but I don't believe that is necessarily good advice.

If it is policy though, then you should follow policy unless and until you can get it changed.

Alan.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Google

From novice to tech pro — start learning today.