Password policies are used to enforce the creation and use of password complexity. Your IAM password policy must prevent reuse of passwords. Each password should be brand new to increase security, especially from a brute force attack.
To change the password policy in the AWS Console you will need appropriate permissions to View Identity Access Management Account Settings.
To manually set the password policy with a minimum length, follow these steps:
- Log in to the AWS Management Console as an IAM user at https://console.aws.amazon.com/iam/.
- Navigate to IAM Services.
- On the Left Pane click Account Settings.
- Select Prevent password reuse.
- For Number of passwords to remember" enter 24**.
- Click Apply password policy.
To change the password policy, use the following command:
aws iam update-account-password-policy --password-reuse-prevention 24
Updated 12 months ago