Strong passwords and password policies are the first line of defense against unauthorized access and tampering, so it is imperative to implement such a policy properly when using the AWS cloud. Here are some examples –
Enabling IAM Password Policy
A weak IAM password policy, or the absence of one, may result in a compromised account or even account takeover. It is strongly recommended to audit the AWS account periodically and ensure the policy is properly configured.
How to Audit AWS Account Password Policy
- Log in to the AWS console and navigate to the IAM service (#1 in the screen below)
- Click on “Apply an IAM password policy” (#2 in the screen below)
- If it is green, an IAM password policy is in effect and we can proceed to reviewing its settings.
It is highly recommended to have the following settings enabled (see screenshot below) –
- Require uppercase letter in password
- Require lowercase letter in password
- Require number in password
- Require special character in password
- Enable password expiration after 30 days
- Prevent reuse of the last 5 passwords
After checking the rules off in the screen above, click “Apply Password Policy” to remediate the security gap.
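The same audit can be scripted so it runs on a schedule rather than by clicking through the console. The following is an added example, not code from the original post: it checks a policy in the shape returned by IAM's GetAccountPasswordPolicy API against the six settings listed above, and the sample policies embedded in it are constructed, not taken from any real account (the boto3 fetch helper and its `session` argument are assumptions of this example).

```python
"""Audit an AWS IAM account password policy against the settings recommended above."""
from typing import Any, Dict, List

# Recommended settings from the text, keyed by the field names GetAccountPasswordPolicy returns.
REQUIRED_FLAGS = {
    "RequireUppercaseCharacters": "uppercase letter",
    "RequireLowercaseCharacters": "lowercase letter",
    "RequireNumbers": "number",
    "RequireSymbols": "special character",
}
MAX_PASSWORD_AGE_DAYS = 30  # "Enable password expiration after 30 days"
MIN_REUSE_PREVENTION = 5    # "Prevent reuse of the last 5 passwords"


def audit_password_policy(policy: Dict[str, Any]) -> List[str]:
    """Return one finding per missing control; empty list means compliant. Pass {} for 'no policy set'."""
    findings = []
    for key, label in REQUIRED_FLAGS.items():
        if not policy.get(key, False):
            findings.append(f"password does not require a {label} ({key} is off)")
    # IAM omits MaxPasswordAge entirely when expiration is disabled, so a missing key means no expiry.
    max_age = policy.get("MaxPasswordAge", 0)
    if max_age == 0 or max_age > MAX_PASSWORD_AGE_DAYS:
        findings.append(f"expiration not within {MAX_PASSWORD_AGE_DAYS} days (MaxPasswordAge={max_age})")
    reuse = policy.get("PasswordReusePrevention", 0)
    if reuse < MIN_REUSE_PREVENTION:
        findings.append(f"fewer than {MIN_REUSE_PREVENTION} old passwords blocked (PasswordReusePrevention={reuse})")
    return findings


def fetch_live_policy(session=None) -> Dict[str, Any]:
    """Fetch the account's policy with boto3 (needs iam:GetAccountPasswordPolicy); {} if none is set."""
    import boto3  # imported here so audit_password_policy() stays usable offline without boto3
    iam = (session or boto3).client("iam")
    try:
        return iam.get_account_password_policy()["PasswordPolicy"]
    except iam.exceptions.NoSuchEntityException:  # raised when no policy has ever been applied
        return {}


# Constructed sample policies in the shape the API returns (not from any real account).
SAMPLE_WEAK_POLICY = {
    "MinimumPasswordLength": 8, "RequireUppercaseCharacters": True, "RequireLowercaseCharacters": True,
    "RequireNumbers": False, "RequireSymbols": False, "MaxPasswordAge": 90, "PasswordReusePrevention": 3,
}
SAMPLE_STRONG_POLICY = {
    "MinimumPasswordLength": 14, "RequireUppercaseCharacters": True, "RequireLowercaseCharacters": True,
    "RequireNumbers": True, "RequireSymbols": True, "MaxPasswordAge": 30, "PasswordReusePrevention": 5,
}
```

Run `audit_password_policy(fetch_live_policy())` with credentials for the account being audited; any non-empty result is a finding to remediate with “Apply Password Policy” as described above.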