How to Prevent Password Reuse in a Password Policy
Password Requirements for IAM Users
In an AWS password policy, you can specify how many previous passwords cannot be reused, from a minimum of one to a maximum of 24. We recommend going with the maximum and setting the AWS IAM password policy to prevent reuse of the last 24 passwords. This ensures that users create a new, unique password each time they change it. In this demo, AWS expert Mike Wise will teach you how to view and modify the password reuse requirement within your password policy.
- From the AWS Management Console, navigate to the IAM Dashboard.
- Click on Account Settings, which will bring up the Password Policy box. This box tells you what your current password policy requires of an AWS IAM user.
- To modify the policy, hit Change Password Policy. This brings you to a screen where you can edit your password policy requirements, including password reuse.
- The last line gives you the option to enable Prevent Password Reuse and stipulate how many previous passwords will be remembered and blocked from reuse. For example, if this number is set to 12, a user cannot set a new password that matches any of their last 12 passwords.
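The same check and change can be scripted. This added example is not part of the original demo. It uses boto3, the AWS SDK for Python, and the helper names (reuse_gap, build_update, enforce) and the sample policy are assumptions made for illustration. The update call replaces the whole policy and resets any omitted setting to its default, so the existing settings are read first and sent back with the new reuse value.

```python
# Added example: raise IAM password reuse prevention without resetting other settings.
UPDATABLE = (
    "MinimumPasswordLength", "RequireSymbols", "RequireNumbers",
    "RequireUppercaseCharacters", "RequireLowercaseCharacters",
    "AllowUsersToChangePassword", "MaxPasswordAge",
    "PasswordReusePrevention", "HardExpiry",
)
MAX_REUSE = 24  # the maximum number of remembered passwords, per the article


def reuse_gap(policy):
    """Return None if the policy meets the target, else a short finding."""
    current = (policy or {}).get("PasswordReusePrevention")
    if current is None:
        return "password reuse prevention is not enabled"
    if current < MAX_REUSE:
        return f"only the last {current} passwords are remembered (target {MAX_REUSE})"
    return None


def build_update(policy, remember=MAX_REUSE):
    """Build update arguments that carry over the settings already in place."""
    if not 1 <= remember <= MAX_REUSE:
        raise ValueError("remember must be between 1 and 24")
    # ExpirePasswords appears in the read response but is not an update parameter.
    args = {k: v for k, v in (policy or {}).items() if k in UPDATABLE}
    if args.get("MaxPasswordAge") == 0:
        del args["MaxPasswordAge"]  # 0 means no expiry, which is also the default
    args["PasswordReusePrevention"] = remember
    return args


def enforce(dry_run=True):
    """Read the live policy, report the gap, and apply the change if asked."""
    import boto3  # imported here so the helpers above run without AWS access
    iam = boto3.client("iam")
    try:
        policy = iam.get_account_password_policy()["PasswordPolicy"]
    except iam.exceptions.NoSuchEntityException:
        policy = {}  # the account has no custom password policy yet
    finding = reuse_gap(policy)
    if finding and not dry_run:
        iam.update_account_password_policy(**build_update(policy))
    return finding


# Constructed sample of the PasswordPolicy body returned by the read call.
SAMPLE = {"MinimumPasswordLength": 14, "RequireSymbols": True,
          "ExpirePasswords": True, "MaxPasswordAge": 90,
          "PasswordReusePrevention": 12}
```

Calling enforce() with its default dry_run=True only reports the finding; pass dry_run=False with credentials that are allowed to update the account password policy to apply it.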
For a visual guide on how to modify your password reuse requirement, watch the full demo. To learn more about password policies for IAM users, read here.
Transcription
So, we have logged in to the AWS Management Console. We’re going to search for “IAM.” This will take us to the IAM screen and from this we’re going to look at “Account Settings.” In the “Account Settings,” we’re going to be able to change or set the password policy. We’re going to look at this “Password Policy.” If we look at the “Prevent Password Reuse” line, we see that it is set to “12.” What this will do is ensure that users cannot use the same password as the last 12 passwords. By doing this, it ensures that users are creating new, unique passwords each time they generate a password.