I lost or forgot the password that I use to sign in to AWS and want to recover or change my password.
Resolution
How you recover a lost or forgotten password depends on how you sign in to AWS. To reset a password, you must have one of the following:
- Your AWS account email address that you used to create the account as the root user.
- Your AWS Identity and Access Management (IAM) username.
- Your AWS account number.
If you can't find this information, then see How do I sign in to my AWS account if my credentials don't work?
Note: If you know your password but you want to change it, then see Change the password for the AWS account root user.
To reset a root user password
Use your root user email address to reset a lost or forgotten root user password.
If you no longer have access to that email address, then see I don't have access to the email for my AWS account.
Important: If your account and Amazon.com retail account share the same login information, then updates to the root user credentials updates both accounts.
To reset an IAM password
If you sign in as an IAM user, then your account administrator manages your credentials. If you can't change your own IAM password, then contact your account administrator. If you're an administrator who's resetting an IAM user's credentials, then see Manage passwords for IAM users.
Troubleshooting account sign in issues
If you reset your password but can't sign in, then see What do I do if I'm having trouble signing in to or accessing my AWS account?
Secure your passwords and access keys
The main credentials that you use to access your account are passwords and access keys. It's not a best practice to use individual IAM users or account root users that have long-lived credentials for general access. However, if you must use an IAM user or root user, then secure the passwords and access keys as you do other confidential data. Never embed them in publicly accessible code, such as a public Git repository. For added security, frequently rotate and update all credentials.
If you suspect that a password or access key pair was exposed, then complete the following steps:
- Update the user access keys.
- Change your root user password.
- Follow the instructions in What do I do if I notice unauthorized activity in my AWS account?
For more information, see What are the best practices to secure my AWS account and its resources?
Related information
Recover an MFA protected identity in IAM
Update the AWS account name, email address, or password for the root user