If, for whatever reason, your password ends up somewhere (even some sort of keyboard buffer?), but is found a couple months later, then it can't be used anymore.
It's also a similar rationale to password resets. The e-mail might end up in some leak somewhere (see WikiLeaks), but the link won't be valid anymore.
It doesn't stop all classes of security issues, but it does make the data time-sensitive. Think about all the account leaks that happen. The data is rarely current (usually a year+ old).
For example, imagine if someone compromises one of your backups. Some hard drives were stolen from the office or something. In there you had your password written in a text file ( because you're that kind of person). The attacker still doesn't have access to your computer. But they do have access to your password from the time of backup.
A disgruntled employee remembers the password of a former coworker. At one point the password will change, so the window of opportunity is smaller.
It's not perfect, obviously, but in a lot of office environments passwords are easy to gleam.
Another argument for password rotation: it usually forces people to keep different passwords per service. Without rotation, people tend to use the same password for everything
There's a trade-off, but it doesn't accomplish nothing
It's also a similar rationale to password resets. The e-mail might end up in some leak somewhere (see WikiLeaks), but the link won't be valid anymore.
It doesn't stop all classes of security issues, but it does make the data time-sensitive. Think about all the account leaks that happen. The data is rarely current (usually a year+ old).