Plugin Title Password Expiration
Cloud AWS
Category IAM
Description Ensures password policy enforces a password expiration
More Info A strong password policy enforces minimum length, expirations, reuse, and symbol usage
AWS Link http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html
Recommended Action Enable password expiration for the account


Detailed Remediation Steps

  1. Log into the AWS Management Console.
  2. Select the "Services" option and search for IAM.
  3. Scroll down the left navigation panel and choose "Account Settings".
  4. Under the "Password Policy" configuration panel scroll down and check the "Enable password expiration". If the "Enable password expiration" checkbox is not ticked then the password won't expire in any number of days.
  5. Click on the "Enable password expiration" checkbox and mention the days under "Password expiration period (in days)" so that the password will be expired after the defined days. For better security reasons define the number of days to at least more than 120.
  6. Click on the "Apply Password Policy" button to make the necessary changes.
  7. Now "Password Policy" will enforce a password expiration for all the IAM users.

Want to scan for this risk automatically?

Get Started Now