How do I force a user to change the password periodically?

Password Expiration

When creating user accounts, you should make it a policy to have a minimum and maximum password age forcing users to change their passwords when they expire.

To easily view the current status of a user account, use the following syntax:

sudo chage -l username

one@onezero:~$ sudo chage -l one
Last password change                    : Feb 15, 2012
Password expires                    : never
Password inactive                   : never
Account expires                     : never
Minimum number of days between password change      : 0
Maximum number of days between password change      : 99999
Number of days of warning before password expires   : 7

To set any of these values, simply use the following syntax, and follow the interactive prompts:

sudo chage username

The following is also an example of how you can manually change the explicit expiration date (-E) to 01/31/2012, minimum password age (-m) of 5 days, maximum password age (-M) of 90 days, inactivity period (-I) of 5 days after password expiration, and a warning time period (-W) of 14 days before password expiration.

sudo chage -E 01/31/2012 -m 5 -M 90 -I 30 -W 14 username

To verify changes, use the same syntax as mentioned previously:

sudo chage -l username

For More Help

I think you want to use the command passwd --maxdays, from the man pages:

passwd - change user password

-x, --maxdays MAX_DAYS
    Set the maximum number of days a password remains valid. After MAX_DAYS,
    the password is required to be changed.

The paramater --warndays might also be of interest. There is a related question at serverfault.