Back to All Checks
Low IAM

Ensure IAM password policy expires passwords within 90 days or less

CISISO 27001HIPAA

Description

This check ensures that the IAM password policy is configured to expire passwords within 90 days or less.

Remediation

To configure the IAM password policy to expire passwords within 90 days or less, follow these steps:

Steps

  1. Sign in to the AWS Management Console with an account that has IAM permissions.
  2. Open the IAM console at https://console.aws.amazon.com/iam/.
  3. In the navigation pane, click on 'Account settings'.
  4. Scroll down to the 'Password policy' section.
  5. Click on 'Edit password policy'.
  6. Under 'Password expiration', check the box for 'Enable password expiration'.
  7. Set 'Password expiration period' to 90 days or less.
  8. Click on 'Save changes' to apply the new password policy.

Compliance

CISISO 27001HIPAA
Start Your Free Security Check