IAM policy is not set to prevent password reuse
Incident Management is now generally available! Incident Management is now generally available!
<  Back to rules search

IAM policy is not set to prevent password reuse

iam

Classification:

compliance

Overview

Description

IAM password policies can prevent the reuse of a given password by the same user. It is recommended that the password policy prevent the reuse of passwords.

Rationale

Preventing password reuse increases account resiliency against brute force login attempts.

Remediation

See the CIS AWS Foundations Benchmark controls docs for console remediation steps.

Impact

None

Default Value

None

References

  1. CCE-78908-1

CIS Controls

4.4 Use unique passwords where multi-factor authentication is not supported (such as local administrator, root, or service accounts), accounts will use passwords that are unique to that system.