ACCT.06 Enforce a password policy - AWS Prescriptive Guidance

ACCT.06 Enforce a password policy

Users log in to the AWS Management Console by providing sign-in credentials, and MFA is recommended. Require that passwords adhere to a strong password policy to help prevent discovery through brute force or social engineering.

For more information about the latest recommendations for strong passwords, see Password Policy Guide on the Center for Internet Security (CIS) website.

For IAM users, you can configure password requirements in a custom IAM password policy. For more information, see Setting an account password policy (IAM documentation).

To create a custom password policy
  1. Sign in to the AWS Management Console and open the IAM console.

  2. In the navigation pane, choose Account settings.

  3. In the Password policy section, choose Change password policy.

  4. Select the options that you want to apply to your password policy, and then choose Save changes.