This applies to RedHat Enterprise 4 & 5, and by association to Fedora and CentOS.  It probably works on some other distros as well, but your mileage may vary.

I am constantly having to reset user passwords, as I use the “three failures and your account is locked” schema, as well as set passwords to expire every 60 days.

1. Lock their account so they don’t log in while you are performing these steps:
   

   #> usermod -L username

2. Change their password to the temporary password you wish to assign them:
   

   #> passwd username
   (Enter the password when prompted)
   

3. Change the age of this new password to 0 so that the user will be forced to create a new password the next time they log in:
   

   #> chage -d 0 username

4. Unlock their account so they can log in again:
   

   #> usermod -U username

That should do it!  If you’d like to learn more about requiring passwords of a certain length/complexity, setting them to auto-expire after a certain length of time, or other password management tricks, check back soon.