In this article, we are going to learn to Enable AWS multi-factor authentication (MFA) for the AWS Root user account. AWS Multi-Factor Authentication (MFA) is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA enabled, when a user signs in to an AWS Management Console, they will be prompted for their user name and password (the first factor—what they know), as well as for an authentication code from their AWS MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for your AWS account settings and resources.
Enable multi-factor authentication (MFA) for the AWS Root user account:
Add MFA for the root user:
- Log in to your AWS account.
- Search IAM in AWS search console. Or choose your account name, and choose My Security Credentials.
- Click on Add MFA.
Activate MFA:
Click on Activate MFA.
Choose the type of MFA device to assign:
Choose Virtual MFA Device and click on Continue.
Set up virtual MFA device:
Install one of the following Authenticator apps on mobile and scan the QR code on the screen, then enter MFA Code 1 and MFA Code 2 from the mobile Authenticator App. After adding MFA code click on Assign MFA.
I have installed “Google Authenticator App” on my mobile.
Virtual MFA Applications: Authy, Duo Mobile, LastPass Authenticator, Microsoft Authenticator, Google Authenticator.
You will get a success message then click on Close.
Accessing AWS Console Using MFA:
- Open your AWS console login page and click on Root User then enter your email.
- Enter your password.
- Use your Google Authenticator Application on mobile and enter MFA code in AWS Console
Assigned MFA device for IAM User:
- Sign in to the AWS Management Console and search the IAM console search tab.
- In the navigation pane, choose Users and then select and double click on the user.
- In the Security credentials tab > Assigned MFA device,> click on Manage.
- Choose Virtual MFA Device and click on Continue (same further process as above).
That’s all, In this article, we have explained Enable multi-factor authentication (MFA) for the AWS Root user account. If you like this article, then just share it and then do subscribe to email alerts for Linux, Windows, macOS, Android, Internet, Firewall and Security, CCTV tutorials. If you have any questions or doubts about this article, please comment.