Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Severity: High

Description: This control ensures that optionĀ "Number of passwords to remember" is set to 24 in password policy setting. IAM password policies can prevent the reuse of a given password by the same user. It is recommended that the password policy prevent the reuse of passwords.

Remediation Steps:

Perform following to update IAM policy for IAM user :

  1. Login to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to IAMĀ console.

  3. On the Left Pane, click on Account Settings.

  4. Click on Update Password Policy.

  5. Check Prevent password reuse.

  6. Set Number of passwords to remember is set to 24 or greater.

  7. Click Apply password policy.

Important:

Reference:

  • CIS Amazon Web Services Foundations Benchmark v1.3.0 - 08-07-2020: Recommendation #1.9

  • No labels

Blue Hexagon Proprietary