I'm in the camp where I don't want systems to do fancy validations on passwords but I do think expiring passwords is not a bad idea. The thing is that many times your password can get stolen and you might not even know it. I've seen people writing down their passwords on sticky notes, saving in Chrome, get stolen by fake apps etc. At least for Windows, expiring passwords wasn't huge pain because of integrated authentication everywhere.