IAM password policies should prevent reuse of the four previously used passwords

Description

IAM password policies should prevent users from reusing any of their previous 4 passwords. Preventing password reuse increases account resiliency against brute-force login attempts.

Console Remediation Steps

  • Navigate to Identity and Access Management.

  • In the left navigation, select Account Settings.

  • Check Prevent password reuse.

  • In Number of passwords to remember, enter 4.

  • Click Apply password policy.

CLI Remediation Steps

  • To update a password policy to prevent reuse of the four previously used passwords, run:

    • aws iam update-account-password-policy --password-reuse-prevention 4
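
The AWS CLI command behind this option, aws iam update-account-password-policy, replaces the whole account password policy, so any setting left off the command line reverts to its default. The shell functions below are an added example, not part of the original page: they read the current policy and pass every existing setting again alongside --password-reuse-prevention 4. The function names and the field order in POLICY_QUERY are choices made for this example.

```shell
#!/bin/sh
# Added example: set reuse prevention to 4 while keeping the rest of the
# account password policy. update-account-password-policy replaces the whole
# policy, so every setting to keep must be passed again.

REUSE_COUNT=4   # passwords to remember, as required by this rule

# Field order below is a choice made for this example.
POLICY_QUERY='PasswordPolicy.[MinimumPasswordLength,MaxPasswordAge,RequireSymbols,RequireNumbers,RequireUppercaseCharacters,RequireLowercaseCharacters,AllowUsersToChangePassword,HardExpiry]'

# Print --name or --no-name for True/False; print nothing for None.
bool_flag() {
  case "$2" in
    [Tt]rue)  printf ' --%s' "$1" ;;
    [Ff]alse) printf ' --no-%s' "$1" ;;
  esac
}

# Print a numeric option; None and 0 mean "not set" and are skipped.
num_opt() {
  case "$2" in
    ''|0|*[!0-9]*) ;;
    *) printf ' --%s %s' "$1" "$2" ;;
  esac
}

# $1: one line of whitespace-separated values in POLICY_QUERY order.
build_policy_args() {
  set -- $1   # intended word splitting: fields are numbers, True, False or None
  printf '%s %s' --password-reuse-prevention "$REUSE_COUNT"
  num_opt minimum-password-length "$1"
  num_opt max-password-age "$2"
  bool_flag require-symbols "$3"
  bool_flag require-numbers "$4"
  bool_flag require-uppercase-characters "$5"
  bool_flag require-lowercase-characters "$6"
  bool_flag allow-users-to-change-password "$7"
  bool_flag hard-expiry "$8"
  printf '\n'
}

# Needs the AWS CLI and credentials; fails if the account has no policy yet.
apply_reuse_prevention() {
  current=$(aws iam get-account-password-policy --query "$POLICY_QUERY" --output text) || return 1
  aws iam update-account-password-policy $(build_policy_args "$current")
}

# Constructed sample values (not a real account): show the resulting arguments.
build_policy_args "14 90 True True True True True False"
```

Run apply_reuse_prevention in a shell with IAM credentials to apply the change; if the account has no password policy yet, the plain command with only --password-reuse-prevention 4 is sufficient.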