Aqua CSPM

Minimum Password Length

Quick Info

Plugin TitleMinimum Password Length
CloudAWS
CategoryIAM
DescriptionEnsures password policy requires a password of at least a minimum number of characters
More InfoA strong password policy enforces minimum length, expirations, reuse, and symbol usage
AWS Linkhttp://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html
Recommended ActionIncrease the minimum length requirement for the password policy

Detailed Remediation Steps

  1. Log into the AWS Management Console.
  2. Select the “Services” option and search for IAM.
  3. Scroll down the left navigation panel and choose “Account Settings”.
  4. Under the “Password Policy” configuration panel scroll down and check the “Minimum Password Length”. If the password length is set less than 8 characters than the password security is at risk.
  5. Click on the “Minimum Password Length” checkbox and mention the minimum characters required to 14. Click the checkbox against “Require at least one uppercase letter” and “Require at least one lowercase letter” to make the password more secure.
  6. Click on the “Apply Password Policy” button to make the necessary changes.
  7. Now “Password Policy” requires at least 14 characters with one uppercase and one lowercase character for a strong and secure password.