IAM User log in credentials stop working


As the root account holder, I have created an IAM User account for myself. This is recommended as a best practice. After creating the new IAM User account I am able to log into it the first time. But after I log out of the IAM User account, I can't log back into it a second time. Instead I get a message that says "Your authentication information is incorrect. Please try again." I try to reenter my login credentials two or three times. I very carefully check to make sure I'm entering the information correctly. I get the 'authentication incorrect' message every time. To fix the problem I have to log back in as the root user and reset the PW for the IAM User. I have now done this 4 times. I'm running out of ideas for new passwords!! And it just recently started doing this in the past couple of days. Before that, no problem logging back in using my IAM User credentials. HELP!! What am I doing wrong here?

1 Answer

Hello,

From the information provided, it sounds like the IAM user is able to log in to the AWS console using the password created by the root account. When resetting the user's password on your next try, please ensure that "User must create a new password at next sign-in" is not selected. If the user is required to create a new password on login, but does not have IAM permissions to create a password, they will not be able to use the generated password for a second login.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_admin-change-user.html#id_credentials_passwords_admin-change-user_console

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html

AWS
Jack S
answered 3 months ago
  • Thanks, however I am using IAM Identity Center and not IAM, and this IAM user doesn't show up under the IAM console, only in the IAM Identity Center console. I can't find anywhere in the IAM Identity Center where I can change this policy.

  • OK, I think I may have found one of my problems. When setting up an IAM Identity Center user, there's a setting that sets the maximum length of a session. It was set to 12 hours. So when I tried to log in the next day the login would fail. I just reset it to 90 days. We'll see if that helps. Although that doesn't explain why it failed if I logged out of the IAM User account and then tried to log back in on the same day.

  • BTW, AWS is now recommending using IAM Identity Center and not using IAM as a best practice - FYI.
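
The lockout condition the answer above describes, as an added check that is not part of the original thread: a forced reset is pending and nothing grants the IAM user `iam:ChangePassword` on itself. The input dicts follow the shape of IAM's `GetLoginProfile` and `GetAccountPasswordPolicy` responses; the function names, sample user, placeholder account ID and the simplified policy evaluation are assumptions.

```python
import fnmatch

ACTION = "iam:changepassword"  # IAM action names are case-insensitive

def _as_list(value):
    return value if isinstance(value, list) else [value]

def allows_change_password(policy_docs, user_arn, user_name):
    """Simplified identity-policy check: an explicit Deny wins, otherwise any
    matching Allow. Ignores Condition, NotAction/NotResource, boundaries, SCPs."""
    allowed = False
    for doc in policy_docs:
        for stmt in _as_list(doc.get("Statement", [])):
            actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
            resources = [r.replace("${aws:username}", user_name)
                         for r in _as_list(stmt.get("Resource", []))]
            if not any(fnmatch.fnmatchcase(ACTION, a) for a in actions):
                continue
            if not any(fnmatch.fnmatchcase(user_arn, r) for r in resources):
                continue
            if stmt.get("Effect") == "Deny":
                return False
            allowed = True
    return allowed

def diagnose(login_profile, password_policy, policy_docs, account_id):
    """Return 'ok' or 'blocked' for the forced-reset sign-in described above."""
    profile = login_profile["LoginProfile"]
    if not profile.get("PasswordResetRequired", False):
        return "ok"  # no forced reset pending
    if password_policy.get("PasswordPolicy", {}).get("AllowUsersToChangePassword"):
        return "ok"  # account-wide setting lets every IAM user change their own password
    name = profile["UserName"]
    arn = f"arn:aws:iam::{account_id}:user/{name}"  # assumes the user has no path
    return "ok" if allows_change_password(policy_docs, arn, name) else "blocked"

# Constructed sample data (not from the thread); 111122223333 is a placeholder account ID.
PROFILE = {"LoginProfile": {"UserName": "alice", "PasswordResetRequired": True}}
PW_POLICY = {"PasswordPolicy": {"AllowUsersToChangePassword": False}}
SELF_SERVICE = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "iam:ChangePassword",
    "Resource": "arn:aws:iam::*:user/${aws:username}"}]}

if __name__ == "__main__":
    print(diagnose(PROFILE, PW_POLICY, [], "111122223333"))              # blocked
    print(diagnose(PROFILE, PW_POLICY, [SELF_SERVICE], "111122223333"))  # ok
```

This covers IAM users only, the case the answer addresses; with live credentials the same dicts can be obtained from the `get-login-profile` and `get-account-password-policy` IAM calls.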
