This rule checks whether the password policy for your account meets the specified requirements. If the requirements are met, the account is considered compliant.
Scenarios
Checking the password policy for your account ensures that all users follow strong password rules, which effectively prevents security vulnerabilities and data breach risks caused by weak passwords.
Risk level
Default risk level: high.
You can change the risk level as needed.
Detection logic
This rule checks whether the password policy for your account meets the specified requirements. If the requirements are met, the account is considered compliant.
Rule details
Parameter | Description |
Rule name | Check the password policy for your account |
Rule identifier | |
Automatic remediation | Not supported |
Trigger frequency | Periodic: Every 24 hours |
Supported resource types | ACS::::Account |
Input parameters | hardExpire (default value: true) maxLoginAttemps (default value: 5) maxPasswordAge (default value: 90) minimumPasswordLength (default value: 8) passwordReusePrevention (default value: 3) requireCharTypeCount (default value: 3) |
Remediation guidance
For more information, see Set a password policy for RAM users.