Changing your password - Amazon Web Services Management Console
Root usersIAM usersIAM Identity Center usersFederated identity
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Changing your password

You may be able to change your password from the Amazon Web Services Management Console depending on your user type and your permissions. The following topic describes how to change your password for each user type.

Root users

Root users can change their passwords directly from the Amazon Web Services Management Console. A Root user is the account owner with complete access to all Amazon services and resources. You're the root user if you created the Amazon account and you sign in using your root user email and password. For more information, see Root user in the Amazon IAM Identity Center User Guide.

To change your password as a Root user

  1. Sign in to the Amazon Web Services Management Console.

  2. In the navigation bar, choose your account name.

  3. Choose Security credentials.

  4. The options displayed will vary depending on your Amazon Web Services account type. Follow the instructions shown on the console to change your password.

  5. Enter your current password once and your new password twice.

    The new password must be at least eight characters long and must include the following:

    • At least one symbol

    • At least one number

    • At least one uppercase letter

    • At least one lowercase letter

  6. Choose Change Password or Save changes.

IAM users

IAM users may be able to change their password from the Amazon Web Services Management Console depending on their permissions. Otherwise, they must use an Amazon access portal. An IAM user is an identity within your Amazon account that's granted specific custom permissions. You're an IAM user if you didn't create the Amazon account and your administrator or help desk employee provided you your sign-in credentials that include an Amazon account ID or account alias, an IAM user name, and password. For more information, see IAM user in the Amazon Sign-In User Guide.

If you have permissions from the following policy: Amazon: Allows IAM users to change their own console password on the Security credentials page, you can change your password from the console. For more information, see How an IAM user changes their own password in the Amazon Identity and Access Management User Guide.

If you don't have the requisite permissions to change your password from the Amazon Web Services Management Console see, Resetting your Amazon IAM Identity Center user password in the User Guide.

IAM Identity Center users

Amazon IAM Identity Center users must change their password from an Amazon access portal. For more information, see Resetting your Amazon IAM Identity Center user password in the User Guide.

An IAM Identity Center user is a user whose Amazon account is part of Amazon Organizations who signs in through the Amazon access portal with a unique URL. These users can be either created directly in the users in IAM Identity Center or in Active directory or another external identity provider. For more information, see Amazon IAM Identity Center user in the Amazon Sign-In User Guide.

Federated identity

Federated identity users must change their password from an Amazon access portal. For more information, see Resetting your Amazon IAM Identity Center user password in the User Guide.

Federated identity users sign in using an external identity provider (IdP). You're a federated identity if you either:

  • Access your Amazon account or resources with third party credentials like Login with Amazon, Facebook, or Google.

  • Use the same credentials to sign in to corporate systems and Amazon services and you use a custom company portal to sign-in to Amazon.

For more information, see Federated identity in the Amazon Sign-In User Guide..