If you know the old password then only you can change the password of an account in cpanel. You can directly change the cpanel password from WHM. But for that you will have logged in as root. You can provide your customer the jailshell access instead of SSH such that the user will be restricted to their web area. Hope this may solve your problem.
Actually, this is happening at the shared hosted account level. A website is sometimes owned by several users. There are at times one of the black sheeps, will do nasty things like changing the password and forbid the other users to log in. Therefore, i have to reset the password each time.
The client actually request to limit the access of his partners within the cpanel. Any solution for that?