Finaly, i found the problem and i could solve it. SHA-256 is too weak to make a password hash, this is why on first login we need to change password always.

Please fix it in Yocto manual. When i set it to generate sha512crypt hash it works fine, there are no any change request on first login.