Ensure password policy requires at least one lowercase character for AWS IAM Account Password Policy

LOW

Description

Lower case alphabet not present in the password, password complexity is not high enough. Thus, chance of brute force attack increases.

Remediation

Password policy for AWS accounts can be created and managed in AWS Console.
In AWS Console -

  1. Sign in to the AWS Console and go to the IAM console.
  2. Choose Account settings in the navigation pane.
  3. Select 'Change password policy' in the Password policy section.
  4. Select the password policy configuration.
  5. Select Save changes.