IAM Password policy should prevent password reuse.
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | iam |
| Provider | AWS |
| Vulnerability Type | omission |
Description
The IAM account password policy does not prevent users from reusing recent passwords, so a user can set a new password that matches one of their last few. This weakens password security by making it easier for compromised credentials to be reused.
Impact
If exploited, attackers or unauthorized users could repeatedly use previously compromised passwords, increasing the risk of unauthorized access and making it harder to contain account breaches. This undermines password rotation policies and can lead to persistent account compromise.
Resolution
Prevent password reuse in the policy
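
One way to check for this finding and prepare the fix, as an added example that is not part of the original rule page. It evaluates the JSON returned by `aws iam get-account-password-policy` and builds the arguments for `UpdateAccountPasswordPolicy`; because that API resets every parameter that is not supplied to its default, the existing settings are carried over. The function names, the sample policy and the value 24 are assumptions for illustration.

```python
import json

# Parameters accepted by UpdateAccountPasswordPolicy. GetAccountPasswordPolicy
# also returns ExpirePasswords, which is read-only and must not be sent back.
UPDATABLE = (
    "MinimumPasswordLength", "RequireSymbols", "RequireNumbers",
    "RequireUppercaseCharacters", "RequireLowercaseCharacters",
    "AllowUsersToChangePassword", "MaxPasswordAge",
    "PasswordReusePrevention", "HardExpiry",
)

def reuse_finding(get_output):
    """Return a finding string, or None when reuse prevention is configured.

    get_output is the parsed JSON of `aws iam get-account-password-policy`,
    or None when the account has no password policy at all.
    """
    if get_output is None:
        return "no account password policy exists"
    policy = get_output.get("PasswordPolicy", {})
    # IAM omits the key entirely when reuse prevention is not set.
    if not policy.get("PasswordReusePrevention"):
        return "password policy does not prevent password reuse"
    return None

def build_update(get_output, remember):
    """Build UpdateAccountPasswordPolicy arguments that add reuse prevention
    while keeping every setting already in force."""
    if not 1 <= remember <= 24:  # range IAM accepts for this parameter
        raise ValueError("remember must be between 1 and 24")
    current = (get_output or {}).get("PasswordPolicy", {})
    kwargs = {k: current[k] for k in UPDATABLE if k in current}
    kwargs["PasswordReusePrevention"] = remember
    return kwargs

# Constructed sample output: a policy with no PasswordReusePrevention key.
SAMPLE = json.loads("""
{"PasswordPolicy": {"MinimumPasswordLength": 14, "RequireSymbols": true,
  "RequireNumbers": true, "RequireUppercaseCharacters": true,
  "RequireLowercaseCharacters": true, "AllowUsersToChangePassword": true,
  "ExpirePasswords": true, "MaxPasswordAge": 90}}
""")

if __name__ == "__main__":
    print(reuse_finding(SAMPLE))
    # The result can be passed to boto3: iam.update_account_password_policy(**kwargs)
    print(build_update(SAMPLE, 24))  # 24 is an assumed value, not from the page
```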