Ensure IAM Passwords can not continually be reused
IAM allows for creating users directly with in the AWS console for end users to be allowed to interact with the various services that AWS offers. Password policies should follow that of what industry standards state for the enterprise, do not allow a password to be reused for up to 24 times. This ensures that people do not set there password back to a previous version every time there is a requirement to reset there password. For this reason it is considered a security best practice not keep using the same password. Ensuring that it is restricted will help you with CIS and NIST Compliance.