AWS IAM users access AWS resources using different types of credentials, such as passwords or access keys. We recommend that all credentials that have been unused for 90 or greater days be removed or deactivated. Disabling or removing unnecessary password access to an account reduces the risk of credentials being misused.
To manually remove or deactivate credentials:
- Log in to the AWS Management Console as an IAM user at https://console.aws.amazon.com/iam/.
- Navigate to IAM Services.
- Select Users.
- Select Security Credentials.
- Select Manage Console Password, then select Disable.
- Click Apply.
- If there is an unused access key, disable or delete the key.
Updated 12 months ago