Force to Reset Password

[LTU_btc]

I have account on one forum where users must change their passwords every 2 month and I really hate this thing. I use "always stay logged-in" thing on that forum, so when they ask me to change my password I have to remember my old passwor, and sometimes it's not that easy task. Also, then I have to create new password and remember it. It's inconvenient and I'm not sure that it adds much security. Even if you will change your password daily, it won't protect you from phishing websites and similar shit.

[Thirdspace]

If hackers be able to steal users account info somehow still then they will not be able to use it for a long time due to force password system.

why would hackers unable to use it forever?
this force password reset system would still be useless without email confirmation link
even with confirmation link, hackers would just change the registered email right after they hacked the account
because changing email (on this forum) doesn't require clicking on confirmation link, just provide locking mechanism
mandatory password reset would just give headache, makes us memorizing new password every 2 months

In my opinion if this force password system implement by our forum then it will not be easier for hackers to hack users account.

using a good combination of lowercase, uppercase letters, numbers and symbols as password should be enough
even with only 10 characters long password, it wouldn't be that easy brute forced by hackers 

[madnessteat]

~I have account on one forum where users must change their passwords every 2 month and I really hate this thing.~

I also do not see any additional protection in such actions. I think that frequent password changes only cause inconvenience to users. It is better to have a strong password and of course different for each website.

[tranthidung]

The OP's suggestion is unnecessary, in general.
As you mentioned below, hackers can hack both the forum accounts and emails used to register accounts.
Most of the time, hackers got accounts from hacked emails.

why would hackers unable to use it forever?
this force password reset system would still be useless without email confirmation link
even with confirmation link, hackers would just change the registered email right after they hacked the account
because changing email (on this forum) doesn't require clicking on confirmation link, just provide locking mechanism

The most interesting thing implemented by our beloved admin, theymos, is if one account changes registered emails two times, the account will be locked, and confirmation link will be sent to the original email to unlock account.
In reality, the security mechanism has shown its power to clean out all hacked accounts.
As usualy, theymos has demonstrated that he is not too dumb to give hackers so many free space to use the forum as their land-fills.

[GreatArkansas]

This is a very rare function for every website and I never have seen this before. It is okay but there are still some disadvantages to the website and also to the user. Why not? there is an option on our account settings or before creating an account that there's a choice if we want to activate the force to reset the password for every month or any time frame?