Last updated：2021-10-29 17:57:25
This topic describes how to configure security policies for IAM users to ensure account security.
In the Password Security Settings panel, set the required parameters. (1) Save MFA Logon Status for 7 Days: specifies whether to allow IAM users to keep the multi-factor authentication (MFA) devices logged in for seven days. This parameter is set to Not Enabled by default. (2) Logon Session Valid for: the validity period of the login session of IAM users, in minutes. Valid values: 15 to 1,440. (3) Logon Address Mask: the IP addresses that can be used to log in to the console. This parameter is unspecified by default, indicating that all IP addresses can be used for login. If a mask is specified, only the IP addresses specified by the mask can be used for password login or single sign-on (SSO). However, IAM users can use their AccessKeys to call API operations for login from all IP addresses regardless of the mask setting.