Skip to main content

πŸ’Ό 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.

Description​

Empty...

Similar​

  • Sections
    • /frameworks/pci-dss-v4.0/08/03/09
    • /frameworks/aws-fsbp-v1.0.0/iam/03
    • /frameworks/aws-fsbp-v1.0.0/secrets-manager/01
    • /frameworks/aws-fsbp-v1.0.0/secrets-manager/02
    • /frameworks/aws-fsbp-v1.0.0/secrets-manager/04

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [IAM.3] IAM users' access keys should be rotated every 90 days or less11
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [SecretsManager.1] Secrets Manager secrets should have automatic rotation enabled
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [SecretsManager.2] Secrets Manager secrets configured with automatic rotation should rotate successfully
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [SecretsManager.4] Secrets Manager secrets should be rotated within a specified number of days
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.1

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v4.0 β†’ πŸ’Ό 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.1

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (1)​

PolicyLogic CountFlags
πŸ“ AWS IAM User Access Keys are not rotated every 90 days or less 🟒1🟒 x6