For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/default_rules/ayr-n9s-q87.md. A documentation index is available at /llms.txt.

Password policy should require at least 14 characters

iam

Description

Password policies are employed to enforce password complexity requirements, ensuring passwords have a minimum length. Datadog recommends that the password policy requires a minimum password length of 14 characters to enhance security.

Enforcing a password complexity policy increases account resiliency against brute force login attempts and improves the overall security posture of your AWS account.

Remediation

For instructions on setting a minimum password length in IAM password policies, refer to Managing an IAM User Password Policy.