From the course: AWS Certified Solutions Architect - Associate (SAA-C03) Cert Prep


Credential rotation

- The final concept we need to talk about specifically related to passwords is the credential rotation procedures that we want to implement. Or to put it more simply, password changes. We want to make sure that users are changing their password on some regular basis, and we can actually enforce this within AWS password policies. But I want to talk to you briefly, before I show you that, about why you might want to do this. The key thing is that it reduces vulnerabilities. So, first of all, it limits the time for an attack. If you require that your users change their passwords every 30 days, it means that an attacker has a 30-day window to figure out what that password is. If they figure it out on day 29.9, then in just a few hours it's going to be changed, right? So even if they did figure it out, they have a limited time of using it before that password's changed. Now, the reality is we hope they don't figure it out. There…