If, as Julius suggests, the reason you want to do this is because you have changed your password policy to be more stringent (i.e., requiring numbers, mixed case, etc), and you want to ensure everyone's password is compliant immediately even if it's not yet expired, you can set the profile parameter login/password_compliance_to_current_policy to 1, and this will force a check at their next logon. If their current password is compliant, nothing will happen, but if it's not, then they'll need to change it right away. The default for this parameter is 0, which means the password will only be checked for compliance at the next change (whether manual or forced by expiration).
Or are you trying to simply force everyone to change their password once, immediately, regardless of compliance? Why not just set an expiration time and let them expire normally?
Regards,
Matt