An Active directory account passwords expiring is set by default on 90 Days & no companies barely change that value.
Configuring an AD account with Password Never Expires is not recommended due to security. However, there is a workaround to reset this value.
To do it so, we will need to fetch the attribute editor. This is only available with “advanced options activated” & scrolling to the correct ou where the user is placed, double-clicking on it and selecting the “attribute editor” section.
Hence will select the attribute and set it to “0(number)” & save
Once done ( apply & exit ) We will set again the value into -1
We will press ok & Apply. Once done. Is like nothing ever happened. The cycle is restored and will not ask for a new password until the 90 days it will show today’s date.
I must say that you better only use this workaround in special scenarios like someone travelling and no phone contact is possible and you want to avoid a bad situation for the user.
Do not use this as a normal procedure to reset the password for security reasons.