
JoeW.54447 (Customer) asked a question.
We're changing our password policy to align with the new NIST recommendations. After changing the policy, users are able to continue using their current passwords which do not match the new requirements.
Sending password reset emails does not expire the current password, so it will not ensure all users change their credentials, and sending a temp password would require manually sending each individual temp password to every user.
Is there a way to enforce this upon next login attempt company-wide?

There's a button for this:
https://help.okta.com/en/prod/Content/Topics/Directory/eu-expire-pw.htm
It has to be an Okta-mastered user, where the password is managed by Okta. If you are delegating authentication to Active Directory, so the password is managed by AD, then you will need to perform this action on the AD side, perhaps with PowerShell or another tool.
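
For the Active Directory case mentioned in the answer above, one way to do this in bulk with PowerShell. This is an added example, not part of the original thread; it assumes the RSAT ActiveDirectory module, and the OU path and CSV file name are placeholders.

```powershell
# Added example: require a password change at next logon for AD-managed users.
# Assumes the ActiveDirectory (RSAT) module is installed.
Import-Module ActiveDirectory

# Placeholder OU; replace with the container that holds your user accounts.
$SearchBase = 'OU=Staff,DC=example,DC=com'

# Enabled accounts only, with the attributes needed to decide who can be forced.
$users = Get-ADUser -Filter 'Enabled -eq $true' -SearchBase $SearchBase `
    -Properties PasswordNeverExpires, SmartcardLogonRequired, pwdLastSet

# AD does not enforce "change at next logon" on accounts flagged
# "password never expires" or "smart card required", so list them for review.
$exempt = $users | Where-Object {
    $_.PasswordNeverExpires -or $_.SmartcardLogonRequired
}

# Everyone else, skipping accounts that are already pending a change
# (pwdLastSet = 0 means "must change password at next logon").
$targets = $users | Where-Object {
    -not $_.PasswordNeverExpires -and
    -not $_.SmartcardLogonRequired -and
    $_.pwdLastSet -ne 0
}

# Record the exempt accounts (often service accounts) for a separate decision.
$exempt |
    Select-Object SamAccountName, PasswordNeverExpires, SmartcardLogonRequired |
    Export-Csv -Path .\exempt-accounts.csv -NoTypeInformation

foreach ($u in $targets) {
    # -WhatIf makes this a dry run; remove it to apply the change.
    Set-ADUser -Identity $u -ChangePasswordAtLogon $true -WhatIf
}

'{0} accounts targeted, {1} exempt (see exempt-accounts.csv)' -f `
    @($targets).Count, @($exempt).Count
```

Run it with `-WhatIf` in place first and check the exempt list before applying, since accounts with non-expiring passwords will keep their current password until that flag is cleared.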