Ensure IAM Password Policy Requires at Least One Symbol Rule

This rule ensures that the IAM password policy requires at least one symbol in every password.

Rule: Ensure IAM password policy requires at least one symbol
Framework: General Data Protection Regulation (GDPR)
Severity: Medium

Rule Description:

To support General Data Protection Regulation (GDPR) compliance, the IAM password policy should require at least one symbol in passwords, which helps keep the organization's user accounts secure and compliant. The requirement aims to prevent unauthorized access to sensitive data and to comply with GDPR regulations related to data protection.

Troubleshooting steps:

  1. Validate the current IAM password policy settings to confirm if the symbol requirement is enabled.
  2. Check if any users' passwords violate the symbol requirement.
  3. Ensure that all users are aware of the password policy and adhere to it.
  4. Provide necessary guidelines and resources to users if they encounter issues creating a new password with a symbol.

Necessary Code:

No code is required for this policy, as it involves the configuration of the IAM password policy settings within the AWS Management Console.

Step-by-step Guide for Remediation:

  1. Log in to the AWS Management Console.
  2. Open the IAM console.
  3. In the left navigation pane, click on "Account settings."
  4. Scroll down to the "Password policy" section.
  5. Ensure that the "Require at least one symbol" checkbox is selected.
  6. Click on the "Apply password policy" button to save the changes.

This configuration change will enforce the requirement of at least one symbol in the passwords of all IAM users.
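The check in troubleshooting step 1 and the console change above can also be run against the IAM API. The following Python is an added example, not code from this page or its vendor: it assumes a boto3 IAM client is passed in, the function names are illustrative, and the sample policy is constructed. It carries the existing settings over because UpdateAccountPasswordPolicy does not support partial updates.

```python
# Fields UpdateAccountPasswordPolicy accepts. GetAccountPasswordPolicy also
# returns ExpirePasswords, which is read-only and must not be sent back.
UPDATABLE = (
    "MinimumPasswordLength", "RequireSymbols", "RequireNumbers",
    "RequireUppercaseCharacters", "RequireLowercaseCharacters",
    "AllowUsersToChangePassword", "MaxPasswordAge",
    "PasswordReusePrevention", "HardExpiry",
)


def current_policy(iam):
    """Return the custom password policy, or None if the account has none."""
    try:
        return iam.get_account_password_policy()["PasswordPolicy"]
    except iam.exceptions.NoSuchEntityException:
        return None


def requires_symbol(policy):
    """True only if a custom policy exists and RequireSymbols is enabled."""
    return bool(policy and policy.get("RequireSymbols"))


def build_update_args(policy):
    """Re-send every existing setting with RequireSymbols switched on."""
    # The update call replaces the whole policy; omitted parameters revert
    # to their defaults, so current values must be carried over.
    args = {k: v for k, v in (policy or {}).items() if k in UPDATABLE}
    args["RequireSymbols"] = True
    return args


def remediate(iam, dry_run=True):
    """Return (already_compliant, update_args); apply unless dry_run."""
    policy = current_policy(iam)
    if requires_symbol(policy):
        return True, None
    args = build_update_args(policy)
    if not dry_run:
        iam.update_account_password_policy(**args)
    return False, args


if __name__ == "__main__":
    # Constructed sample of a GetAccountPasswordPolicy "PasswordPolicy" object.
    sample = {"MinimumPasswordLength": 14, "RequireSymbols": False,
              "RequireNumbers": True, "ExpirePasswords": True, "MaxPasswordAge": 90}
    print(requires_symbol(sample), build_update_args(sample))
    # Real account: remediate(boto3.client("iam"), dry_run=True)
```

When the account has no custom policy, the planned update contains only RequireSymbols, so set the remaining fields explicitly before applying it.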

Note:

Make sure to communicate the updated password policy to all IAM users and provide any necessary assistance or resources they might need to comply with the new policy. Regularly remind users to change their passwords to align with the updated policy and emphasize the importance of maintaining strong passwords in accordance with the GDPR regulations.
