IAM password policies should prevent reuse of the four previously used passwords

Description

IAM password policies should prevent users from reusing any of their previous 4 passwords. Preventing password reuse increases account resiliency against brute force login attempts.

Console Remediation Steps

• Navigate to Identity and Access Management.

• In the left navigation, select Account Settings.

• Check Prevent password reuse.

• In Number of passwords to remember, enter 4.

• Click Apply password policy.

CLI Remediation Steps

• To update a password policy to prevent reuse of the four previously used passwords:

  • [--password-reuse-prevention 4]

Documentation Links

• Setting a Password Policy (Console)

• Setting a Password Policy (AWS CLI)

• Update Account Passwprd Policy via CLI