Ben Oram

Quick notes on tech, AWS, .NET & containers

on AWS Generated Passwords for Windows

#aws #ec2 #windows

When launching a Windows instance via an AWS AMI, a password is automatically generated, and encrypted using the keypair associated with the instance.

As a best practice, this generated password should be changed. Many folks choose to create a new local administrator account with a unique username, and additionally many teams choose to join the instance to a domain, and let the domain handle authentication.

Finally, starting with Windows Server 2016, AMIs maintained by AWS are configured to allow generated passwords to expire.

References

Thanks for reading! If you found my content useful, spread the word!