Add a datePasswordChanged attribute to your user object (that inherits from system$user), and a boolean attribute forcePasswordChange. Add an onchange event on the password field. The microflow connect to that event has to set the datePasswordChanged attribute to the system time.
Futhermore add an montly scheduled event that checks for each user if the day space between system time and the datePasswordChanged attribute of the user. If that's > 30 set the attribute forceChange to true.
Now forcing password change is quite simple. Add an after login (in navigation there's an option start page, and you can connect a microflow to it ) microflow that checks the forceChange attribute. If true open a modal popup where the user can changes password. So the user have to change (you can check in before commit) his password before he can save and navigate away.
OnChange event on the password field, save a date attribute, add scheduled event that checks (daily) whether date attribute is less than 30 days old, add logic that forces the user to change his password if not (eg. custom startpage with no buttons except a password change field, on change event to return to the normal homepage).
There are probably better ways to do this though ;-)