Description:
Password policies are, in part, used to enforce password complexity requirements. IAM password policies can be used to ensure password are at least a given length. It is recommended that the password policy require a minimum password length 14.
Rationale:
Setting a password complexity policy increases account resiliency against brute force login attempts.
Perform the following to set the password policy as prescribed:
From Console:
From Command Line:
aws iam update-account-password-policy --minimum-password-length 14
Note: All commands starting with "aws iam update-account-password-policy" can be combined into a single command.
Perform the following to ensure the password policy is configured as prescribed:
From Console:
From Command Line:
aws iam get-account-password-policy
Ensure the output of the above command includes "MinimumPasswordLength": 14 (or higher).