I really hate password/PIN code expiration. It WORSENS security, because you're forced to remember a new password/PIN and after forgetting it a few times will probably write it down. Or you might be tempted to use an easier to remember and less secure password.

NIST no longer recommends expiring credentials regularly. PLEASE STOP DOING THIS.