Microsoft
MicrosoftMIE_Tech this is a very broad question but I will try to answer it inline to the queries. Feel free to add if there are any followup questions.
Customers are looking to go Password Less, this is the future. However there might take sometime before you get there and till then in order to protect ourselves we must use AAD Password protection or similar features.
1.) How do you make it easy or even feasible for most people to change between 500 and 2000 passwords--this will be extremely time-consuming, so a method is required--what would this be?
Zoheb : So here we are talking about your on Prem AD & AAD password which should be really be one. Here we are trying to protect the user Identity in AD.
What you mean by 500-200 passwords (Which is way to much) is probably for some personal Emails, accounts or subscriptions.
In general for behavioral analysis we have Microsoft Defender for Endpoint which could help you find.
2.) How does the company--like a warehouse, check the PC's, phones and all devices of each employee, for potential exploits by pirates getting in with weak passwords on devices they use? How do they check, the first time, and how do they KEEP checking each day?
Zoheb : That's an interesting question, however we do have ways to govern this. If you are at remote Site AAD Password protection is primarily an Azure feature.
If you use Azure SSPR to change password it will still work and this helps ensure your passwords are strong.