IAM – Password

securing users

Password Policy

• Strong passwords = higher security for your account

• In AWS, you can setup a password policy:

• Set a minimum password length.

• Require specific character types:

  • including uppercase letters

  • lowercase letters

  • numbers

  • non-alphanumeric characters

• Allow all IAM users to change their own passwords.

• Require users to change their password after some time (password expiration)

• Prevent password re-use.

Multi Factor Authentication - MFA

• Users have access to your account and can possibly change configurations or delete resources in your AWS account.

• You want to protect your Root Accounts and IAM users.

• MFA = password you know + security device you own

• Main benefit of MFA: if a password is stolen or hacked, the account is not compromised.