How to resolve the Sprinto check for configuring password policies on AWS accounts

About:

Sprinto check: Password policy configured for all AWS accounts

The above-mentioned Sprinto check verifies that a password policy is configured and enforced for all AWS accounts within your organization. A password policy defines requirements for password complexity, expiration, and other security settings.

Purpose:

This Sprinto check aims to ensure that strong password policies are in place for all AWS accounts, promote better security practices, and reduce the risk of unauthorized access. By enforcing a password policy, you can ensure that user passwords meet minimum complexity requirements, are rotated regularly, and adhere to other security guidelines, such as preventing password reuse or enforcing account lockout after a specified number of failed login attempts.

How to fix this check:

Follow the steps below to resolve this check:

Before you begin

  • Ensure you have administrator privileges to manage AWS account password policies.

Configuring Password Policy

Follow the steps below to configure the password policy:

  1. Log in to AWS Console using your credentials.

  2. Navigate to the AWS IAM service.

  3. Click on Account Settings under Access Management from the left-side navigation bar.

  4. Ensure the Password policy is configured.

  5. If the Password policy isn’t configured, click Change password policy.

  6. Configure the desired password policy settings, such as minimum password length, complexity requirements, expiration period, and account lockout settings.

  7. Click Save Changes to apply the new password policy.

  8. Repeat the above steps for any other AWS accounts within your organization that do not have a password policy configured.
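
To carry out the check in steps 4 and 8 across several accounts without opening each console, the script below (an added example, not Sprinto's or AWS's own code) compares each account's policy, in the shape returned by the IAM `get_account_password_policy` call, against a baseline. The baseline values, account labels and sample data are assumptions constructed for illustration; `fetch_policy` additionally assumes boto3 is installed and that each account has a named AWS CLI profile.

```python
import json

# Assumed baseline (not from the page); set these to your organization's standard.
BASELINE = {
    "MinimumPasswordLength": 14,
    "RequireSymbols": True,
    "RequireNumbers": True,
    "RequireUppercaseCharacters": True,
    "RequireLowercaseCharacters": True,
    "MaxPasswordAge": 90,           # days; an absent value means passwords never expire
    "PasswordReusePrevention": 24,  # number of previous passwords remembered
}

def fetch_policy(profile):
    """Return the account's PasswordPolicy dict, or None if none is configured."""
    import boto3  # imported lazily so the offline sample below runs without it
    iam = boto3.Session(profile_name=profile).client("iam")
    try:
        return iam.get_account_password_policy()["PasswordPolicy"]
    except iam.exceptions.NoSuchEntityException:
        return None

def policy_gaps(policy):
    """List the settings in one account's policy that fall short of BASELINE."""
    if policy is None:
        return ["no password policy configured"]
    gaps = []
    for key, want in BASELINE.items():
        have = policy.get(key)
        if isinstance(want, bool):
            ok = have is True
        elif key == "MaxPasswordAge":
            ok = have is not None and 0 < have <= want
        else:
            ok = have is not None and have >= want
        if not ok:
            gaps.append(f"{key}: have {have!r}, baseline {want!r}")
    return gaps

def audit(policies):
    """Map each account label to its list of gaps (empty list = meets baseline)."""
    return {account: policy_gaps(p) for account, p in policies.items()}

# Constructed sample data shaped like get_account_password_policy output.
SAMPLE = {
    "prod": dict(BASELINE, ExpirePasswords=True),
    "dev": {"MinimumPasswordLength": 8, "RequireNumbers": True,
            "RequireLowercaseCharacters": True, "ExpirePasswords": False},
    "sandbox": None,
}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE), indent=2))
```

To run it against real accounts, build the input with `{name: fetch_policy(name) for name in profiles}`, where `profiles` is your own list of profile names.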

Sprinto will detect the configuration change and set the related Sprinto check’s status to "Passing."

Contact Sprinto support if you have any queries related to the check or need assistance.