IAM password policy should require user passwords to expire within 90 days

iam
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

IAM password policies enforce rules for user passwords in AWS. One of these rules is defining the password expiration timeframe. Requiring user passwords to expire within 90 days is a best practice to enhance security. This policy reduces the risk of compromised accounts due to prolonged use of the same password, ensuring periodic updates that safeguard against potential threats.

Remediation

From the console

See the Setting an AWS IAM Password Policy doc for console remediation steps to enforce a 90-day expiration policy.