Authentication

Password Policy does not Prevent Password Reuse

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

IAM password policies can prevent the reuse of a given password by the same user. It is recommended that the password policy prevent the reuse of a user's last 24 passwords.

  • Recommended Mitigation

    Make sure you have password policy configured and edit the password policy to prevent reuse of passwords, and ensure it is set to prevent the use of the last 24 passwords

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.