Control: Ensure IAM password policy requires minimum length of 14 or greate

Description

Password policies are, in part, used to enforce password complexity requirements. IAM password policies can be used to ensure password are at least a given length. It is recommended that the password policy require a minimum password length 14.