AWS-IAM-Password-Requires-Symbols

Severity: Medium

Description: This control ensures that option 'Require at least one non-alphanumeric character" is checked under password policy setting. IAM password policies can be used to ensure password are comprised of different character sets. It is recommended that the password policy require at least one symbol.

Remediation Steps:

Perform following to update IAM policy for IAM user :

  1. Login to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to IAM console.

  3. On the Left Pane, click on Account Settings.

  4. Click on Update Password Policy.

  5. Check Requires at least one non-alphanumeric character.

  6. Click Apply password policy.

Important:

Reference:

Blue Hexagon Proprietary