Password rotation is a healthy security behaviour as it ensures that any passwords that may have been leaked, either due to a reuse, or breach, or inadvertently by the user, become irrelevant. The AWS CIS Foundations Benchmark also flags an IAM user whose password has not been changed in the last 90 days as non-compliant. It is recommended to change your password periodically and never reuse it on another site or service.
AWS allows to manage passwords for the users. In this article we will go through the steps to change the password for an IAM user using AWS console.
Following are the steps to change the password for an IAM user via AWS console:
Login to AWS Management Console and navigate to IAM service
Under Access management on IAM dashboard, go to Users
We can see the Password age column for each user. This indicates how old is a user’s console password
To update a user’s console password, click on the user name for that user
On Summary page, click on Security credentials tab
Click on Manage console access button
Select one of the 3 options under Set password section
Check the User must create new password at next sign-in checkbox if you require the user to set a new password during their next sign-in, else if you are setting the new password to be used for user login in step 7 itself, then you can skip this step
Finally, click on Apply button
