Vulnerabilities
Misconfiguration
Runtime Security
Compliance
AWS > IAM >

Password Expiration

MEDIUM
Source
CloudSploit
ID
password-expiration
management console

Password Expiration

Ensures password policy enforces a password expiration

A strong password policy enforces minimum length, expirations, reuse, and symbol usage

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the AWS Management Console.

  2. Select the “Services” option and search for IAM. Step

  3. Scroll down the left navigation panel and choose “Account Settings” under “Access management”. Step

  4. Under the “Password Policy” configuration panel scroll down and click on “Change password policy” button.Step

  5. On the Set password policy page scroll down and check the “Enable password expiration”. If the “Enable password expiration” checkbox is not ticked then the password won’t expire in any number of days. Step

  6. Click on the “Enable password expiration” checkbox and mention the days under “Expire passwords in (days)” so that the password will expire after the specified days. For better security reasons define the number of days to at least more than 90. Click on “Allow users to change their own password” as well.Step

  7. Click on the “Save changes” button to make the necessary changes.Step

  8. Now “Password Policy” will enforce a password expiration for all the IAM users.

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use