Vulnerabilities
Misconfiguration
Runtime Security
Compliance
AWS > Iam > No Password Reuse
MEDIUM
Source
Trivy/CSPM
CSPM ID
password-reuse-prevention
Frameworks

CIS AWS 1.2

CIS AWS 1.4

ID
AVD-AWS-0056
management_console terraform

IAM Password policy should prevent password reuse.

IAM account password policies should prevent the reuse of passwords.

The account password policy should be set to prevent using any of the last five used passwords.

Impact

Password reuse increase the risk of compromised passwords being abused

Follow the appropriate remediation steps below to resolve the issue.

  1. Log into the AWS Management Console.
  2. Select the “Services” option and search for IAM. Step
  3. Scroll down the left navigation panel and choose “Account Settings”. Step
  4. Under the “Password Policy” configuration panel scroll down and check the “Prevent password reuse “. If the checkbox is not selected than the password policy does not prevents the reuse of password.Step
  5. Repeat steps number 3 and 4 to prevent reuse of password .
  6. Click on the checkbox next to “Prevent password reuse” so “Password Policy” prevents reuse of the older passwords. Enter the “Number of passwords to remember” to 24 . Step
  7. Click on the “Apply Password Policy” button to make the necessary changes.Step

Prevent password reuse in the policy

1
2
3
4
5

resource "aws_iam_account_password_policy" "good_example" {
  # ...
  password_reuse_prevention = 5
  # ...
}
Aqua SaaS Plans
The fastest track to get started with Aqua
Start Now
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2022 Aqua Security Software Ltd.   Privacy Policy | Terms of Use