Description

Password policies enforce the creation and use of sufficiently complex passwords. Your IAM password policy should require passwords to be rotated or expired within a specified timeframe; we recommend that passwords expire after 90 days or less. Reducing the lifetime of a password by enforcing regular password changes increases account resilience.

Remediation

To ensure that password expiration is enforced with a defined threshold of 90 days, take the following remediation steps:

  1. Enable password policy - Ensure that a password policy is enabled for the AWS account or IAM users. You can do this in the AWS Management Console or through the AWS CLI.
  2. Set password expiration - Set the password expiration period to 90 days. You can do this in the password policy settings in the AWS Management Console or through the AWS CLI.
  3. Notify users of password expiration - Notify the IAM users that their passwords will expire in 90 days, so they can plan accordingly and avoid any disruption in service.
  4. Enforce password change - When the password expiration period is reached, enforce the password change policy to ensure that users change their passwords. You can configure this in the password policy settings in the AWS Management Console or through the AWS CLI.
  5. Monitor password expiration - Monitor the password expiration status for IAM users to ensure that they are complying with the password policy. You can use AWS CloudTrail or third-party tools to monitor password expiration and other security events.

By following these remediation steps, you can ensure that the password policy is enforced with a defined threshold of 90 days, and that IAM users are notified and forced to change their passwords within the specified timeframe. This helps to maintain the security of the AWS account and data by ensuring that passwords are regularly updated and not vulnerable to potential attacks due to outdated or weak passwords.
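
The check and the CLI step above, as an added example that is not Lightlytics' own code: it evaluates the JSON returned by `aws iam get-account-password-policy` against the 90-day threshold and builds the `aws iam update-account-password-policy` call that enforces it. The two sample policies are constructed; the flag names are the real AWS CLI options for this command.

```python
"""Check and remediate the IAM 90-day password expiration control. Added
example (not Lightlytics' code): scores `aws iam get-account-password-policy`
JSON and builds the `aws iam update-account-password-policy` call. Samples are constructed."""
import json
import shlex

MAX_AGE_DAYS = 90  # threshold stated in the control description

# Policy fields and their CLI flags; booleans become --flag / --no-flag.
FLAGS = {
    "MinimumPasswordLength": "minimum-password-length",
    "RequireSymbols": "require-symbols",
    "RequireNumbers": "require-numbers",
    "RequireUppercaseCharacters": "require-uppercase-characters",
    "RequireLowercaseCharacters": "require-lowercase-characters",
    "AllowUsersToChangePassword": "allow-users-to-change-password",
    "MaxPasswordAge": "max-password-age",
    "PasswordReusePrevention": "password-reuse-prevention",
    "HardExpiry": "hard-expiry",
}
# Constructed samples: an account with no expiration, and a compliant one.
WEAK = json.dumps({"PasswordPolicy": {"MinimumPasswordLength": 8, "RequireSymbols": True, "ExpirePasswords": False}})
GOOD = json.dumps({"PasswordPolicy": {"MinimumPasswordLength": 14, "ExpirePasswords": True, "MaxPasswordAge": 60}})

def evaluate(policy_json):
    """Return (compliant, finding). None stands for a NoSuchEntity error:
    the account then uses AWS defaults, which never expire passwords."""
    if policy_json is None:
        return False, "no account password policy configured"
    policy = json.loads(policy_json).get("PasswordPolicy", {})
    age = policy.get("MaxPasswordAge")
    if not policy.get("ExpirePasswords") or age is None:
        return False, "ExpirePasswords is false"
    if age > MAX_AGE_DAYS:
        return False, f"MaxPasswordAge {age} exceeds {MAX_AGE_DAYS}"
    return True, f"passwords expire after {age} days"

def remediation_command(policy_json):
    """Build the update call. The API does no partial updates: omitted
    settings revert to defaults, so every existing field is re-sent."""
    policy = json.loads(policy_json)["PasswordPolicy"] if policy_json else {}
    policy["MaxPasswordAge"] = min(policy.get("MaxPasswordAge") or MAX_AGE_DAYS, MAX_AGE_DAYS)
    args = ["aws", "iam", "update-account-password-policy"]
    for key, flag in FLAGS.items():
        value = policy.get(key)
        if isinstance(value, bool):
            args.append(f"--{flag}" if value else f"--no-{flag}")
        elif value is not None:
            args += [f"--{flag}", str(value)]
    return shlex.join(args)
```

Run `evaluate` on the live CLI output first; only accounts that fail the check need the generated command, and reviewing it before running it confirms no existing complexity setting is dropped.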

Enforced Resources

Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.