Ensures password policy enforces a password expiration
A strong password policy enforces minimum length, expirations, reuse, and symbol usage
Follow the appropriate remediation steps below to resolve the issue.
Log in to the AWS Management Console.
Select the “Services” option and search for IAM.
Scroll down the left navigation panel and choose “Account Settings” under “Access management”.
Under the “Password Policy” configuration panel scroll down and click on “Change password policy” button.
On the Set password policy page scroll down and check the “Enable password expiration”. If the “Enable password expiration” checkbox is not ticked then the password won’t expire in any number of days.
Click on the “Enable password expiration” checkbox and mention the days under “Expire passwords in (days)” so that the password will expire after the specified days. For better security reasons define the number of days to at least more than 90. Click on “Allow users to change their own password” as well.
Click on the “Save changes” button to make the necessary changes.
Now “Password Policy” will enforce a password expiration for all the IAM users.