AWS-IAM-Password-Reuse-Prevention

Severity: Medium

Description: This control ensures that the "Number of passwords to remember" option in the account password policy is set to 24. IAM password policies can prevent a user from reusing a given password. It is recommended that the password policy prevent the reuse of passwords.

Remediation Steps:

Perform the following to update the IAM password policy for IAM users:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the IAM console.

  3. In the left pane, click Account Settings.

  4. Click on Update Password Policy.

  5. Check Prevent password reuse.

  6. Set Number of passwords to remember to 24 or greater.

  7. Click Apply password policy.
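
The check and the console steps above can also be scripted. The following is an added example, not part of the benchmark or of any vendor tooling; it assumes boto3 and credentials permitted to call iam:GetAccountPasswordPolicy and iam:UpdateAccountPasswordPolicy, and the function names and sample policy are hypothetical. UpdateAccountPasswordPolicy replaces the whole policy, so the remediation carries the existing settings forward.

```python
"""Added example: audit and remediate the IAM password reuse setting."""

REQUIRED_REUSE_PREVENTION = 24  # value required by the control above

# Fields of GetAccountPasswordPolicy that UpdateAccountPasswordPolicy accepts.
UPDATABLE_KEYS = (
    "MinimumPasswordLength", "RequireSymbols", "RequireNumbers",
    "RequireUppercaseCharacters", "RequireLowercaseCharacters",
    "AllowUsersToChangePassword", "MaxPasswordAge",
    "PasswordReusePrevention", "HardExpiry",
)

# Constructed sample of a non-compliant PasswordPolicy response body.
SAMPLE_POLICY = {"MinimumPasswordLength": 14, "RequireSymbols": True,
                 "ExpirePasswords": False, "PasswordReusePrevention": 5}

def evaluate(policy):
    """Return (compliant, reason); policy is None when the account has none."""
    if policy is None:
        return False, "no account password policy is set"
    remembered = policy.get("PasswordReusePrevention")
    if remembered is None:  # field is absent when reuse prevention is off
        return False, "password reuse prevention is not enabled"
    if remembered < REQUIRED_REUSE_PREVENTION:
        return False, f"only {remembered} passwords are remembered"
    return True, f"{remembered} passwords are remembered"

def remediation_args(policy):
    """Arguments for update_account_password_policy that keep current settings.
    The API has no partial update: any omitted field reverts to its default."""
    args = {k: v for k, v in (policy or {}).items() if k in UPDATABLE_KEYS}
    args["PasswordReusePrevention"] = REQUIRED_REUSE_PREVENTION
    return args

def audit_account(fix=False):
    """Check the live account; with fix=True, apply the remediation."""
    import boto3  # imported here so the pure functions work without it
    iam = boto3.client("iam")
    try:
        policy = iam.get_account_password_policy()["PasswordPolicy"]
    except iam.exceptions.NoSuchEntityException:
        policy = None  # account is still on the default, policy-less state
    compliant, reason = evaluate(policy)
    if not compliant and fix:
        iam.update_account_password_policy(**remediation_args(policy))
    return compliant, reason
```
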

Reference:

  • CIS Amazon Web Services Foundations Benchmark v1.3.0 - 08-07-2020: Recommendation #1.9

Blue Hexagon Proprietary