I know it is advisable to change our passwords every now and then. This helps in preventing stolen passwords up to a certain degree. However, to force your users to change their passwords before they can proceed is like having an overprotective father-in-law watching over your back.
Let me introduce to you your overprotective father-in-law from your past life — PayPal.
When I logged into my PayPal account a while ago, I was ~~required~~ literally forced to change my password or else clicking on anything on the PayPal website (except the logout link) will load up the screen below.
I had to think hard for a new password that is hard to guess yet easy to remember. After entering the new password and confirming my email address, I have control over my ~~wife~~ PayPal account again.