BACKGROUND
Each FTP server implementation decides if/how to invoke access controls, per File Transfer Protocol (FTP) technical specification RFC 959:
2.2. TERMINOLOGY
...
access controls
Access controls define users' access privileges to the use of a
system, and to the files in that system. Access controls are
necessary to prevent unauthorized or accidental use of files.
It is the prerogative of a server-FTP process to invoke access
controls.
Since password policy represents a form of access control, and RFC 959 specifies no password reset mechanism, it seems reasonable to conclude each FTP server implementation decides if/how to support FTP client-initiated password resets.
In practice, this represents what we see:
Some servers, such as Titan FTP server, support SITE PSWD command:
SITE PSWD "<old_password>" "<new_password>"
Other servers, such as WS_FTP Server, support CPWD command:
CPWD <new_password> Yet another
variant is:
SITE CPWD <new_password>
IBM Z/OS FTP SERVER PASSWORD RESET MECHANISM
IBM z/OS FTP server extends File Transfer Protocol (FTP) command "PASS", to grant FTP users the ability to initiate the password change, via the FTP client.
Specifically, enter "oldpass/newpass/newpass", in FTP client field "password" (substitute the actual old and new passwords, for "oldpass" and "newpass", respectively, preserving the forward-slash delimiters). Upon successful login, this triggers the FTP server to subsequently change the FTP user password, on the remote server. Subsequent logins require the FTP user to provide only the new password. Additional constraints exist; please refer to the IBM FTP command "PASS" documentation for full details.
AUTOMATING IBM Z/OS PASSWORD RESETS
Automation depends on both the FTP server password reset mechanism and an FTP client which lends itself to automation.
We currently use Ipswitch WS_FTP Professional Client v12:
ONERROR GOTO end1 ;(Goes to the end1 label and ends the script)
TRACE SCREEN ;(sends a trace of the script to the screen - you can modify this line to point to a trace files so that any errors can be viewed after the script is run)
LOG SCREEN ;(sends the log file to the screen you can modify this line to point to a trace files so that any errors can be viewed after the script is run)
USER test ;(username command)
PASS oldpw/newpw/newpw ;(password command)
CONNECT 127.0.0.1 21 ;(connects to the remote site)
CLOSE ;(closes the connection)
LABEL end1
Best Answer
There are quite a few tools out there that you can take a look at for what you're requesting:
My company was previously using a homebrewed PHP password manager, but we switched over to a commercial manager. I currently use Lastpass as my current personal password manager, but they also have an enterprise version which you can check out.