Prohibit password change without parental controls

Is there a way I can keep users with standard accounts from changing their password WITHOUT using Parental Controls?

 

That's great, but users not being able to access websites that use SSL because of Parental Controls isn't acceptable so that's why I'm trying to find a workaround. I know the general school of thought is to set up an Allow list for SSL websites you want to make it through, but when you've got instructors coming up with new sites they want the students using every day and 250+ computers to deploy the changes to the allow list on, it just isn't feasible.