Authentication

Password Policy does not Prevent Password Reuse

Description

IAM password policies can prevent the reuse of a given password by the same user. It is recommended that the password policy prevent the reuse of a user's last 24 passwords.
  • Recommended Mitigation

    Make sure you have password policy configured and edit the password policy to prevent reuse of passwords, and ensure it is set to prevent the use of the last 24 passwords