ACCT.06 – Enforce a password policy - AWS Prescriptive Guidance

ACCT.06 – Enforce a password policy

Users log in to the AWS Management Console by providing sign-in credentials, and MFA is recommended. Require that passwords adhere to a strong password policy to help prevent discovery through brute force or social engineering.

For more information about the latest recommendations for strong passwords, see Password Policy Guide on the Center for Internet Security (CIS) website.

For IAM users, you can configure password requirements in a custom IAM password policy. For more information, see Setting an account password policy (IAM documentation).

To create a custom password policy
  1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam.

  2. In the navigation pane, choose Account settings.

  3. In the Password policy section, choose Change password policy.

  4. Select the options that you want to apply to your password policy, and then choose Save changes.
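
To check the result of this procedure from the command line, the following added example (not part of the AWS guidance) audits the JSON printed by `aws iam get-account-password-policy` and builds the matching `aws iam update-account-password-policy` call. The values in `BASELINE`, the function names and the sample output are assumptions for illustration; substitute your organization's requirements.

```python
import json
import re

# Assumed baseline for illustration only; substitute your organization's values.
BASELINE = {"MinimumPasswordLength": 14, "PasswordReusePrevention": 24,
            "RequireSymbols": True, "RequireNumbers": True,
            "RequireUppercaseCharacters": True, "RequireLowercaseCharacters": True}
# Settings the update call accepts that this baseline does not cover.
CARRIED_OVER = ("AllowUsersToChangePassword", "MaxPasswordAge", "HardExpiry")
# Constructed sample of `aws iam get-account-password-policy` output.
SAMPLE = '''{"PasswordPolicy": {"MinimumPasswordLength": 8, "RequireSymbols": false,
 "RequireNumbers": true, "RequireUppercaseCharacters": true,
 "RequireLowercaseCharacters": true, "AllowUsersToChangePassword": true,
 "ExpirePasswords": true, "MaxPasswordAge": 90, "HardExpiry": false}}'''

def load_policy(cli_output):
    """Parse the CLI output. Pass None when the call failed with NoSuchEntity,
    which means no custom password policy is set for the account."""
    return {} if cli_output is None else json.loads(cli_output)["PasswordPolicy"]

def audit(policy):
    """Return one finding per baseline setting that the policy does not meet."""
    findings = []
    for key, required in BASELINE.items():
        actual = policy.get(key)  # optional fields are absent when unset
        if required is True and actual is not True:
            findings.append(f"{key} is not enabled")
        elif required is not True and (actual is None or actual < required):
            shown = policy.get(key, "unset")
            findings.append(f"{key} is {shown}, baseline minimum is {required}")
    return findings

def remediation_args(policy):
    """Build CLI arguments that apply the baseline. The update call does not
    support partial updates (omitted settings revert to their defaults), so
    current values outside the baseline are carried over explicitly."""
    target = {k: policy[k] for k in CARRIED_OVER if k in policy}
    for key, required in BASELINE.items():
        actual = policy.get(key)
        # Keep a current numeric value that is already stricter than the baseline.
        keep = required is not True and actual is not None and actual > required
        target[key] = actual if keep else required
    args = ["aws", "iam", "update-account-password-policy"]
    for key, value in target.items():
        flag = re.sub(r"(?<!^)(?=[A-Z])", "-", key).lower()  # CamelCase to kebab-case
        if isinstance(value, bool):
            args.append(f"--{flag}" if value else f"--no-{flag}")
        else:
            args += [f"--{flag}", str(value)]
    return args
```

`ExpirePasswords` appears in the output but is not an input of the update call, so it is never turned into a flag.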