Prevent user to use the same password in Cognito

0

Hi !

Is there a way to prevent a user to use the same password as before when using AdminResetUserPassword (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminResetUserPassword.html) ?

Romain
asked 4 months ago156 views
2 Answers
2
Accepted Answer

Hello,

At this point, AWS Cognito doesn't prevent users from setting previously used passwords.

https://repost.aws/questions/QUsFS2KDcSQTKzBGGuwN-7BA/congito-disabling-password-reuse-last-x-passwords

profile picture
EXPERT
answered 4 months ago
profile picture
EXPERT
reviewed 4 months ago
0

Cognito now supports the restriction of re-using the old passwords. You can configure it in the password policy of the user pools. https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security-password-reuse.html.

Kamal
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions