To protect your AWS account, you can add an additional layer of security called Multi-Factor Authentication (MFA). Enabling Multi-Factor Authentication (MFA) on your AWS account is easy and can help protect against unauthorized access to your resources. By following the steps outlined above, you can quickly and easily set up MFA for your AWS account, and start using it to secure your resources and services. Follow these steps to enable MFA on the AWS account:
Log in to the AWS Management Console using your root user ID and password.
On the top header menu, from the right-hand side, click your account’s username/email.
To access your security credentials Click the Security Credentials option from the user account’s menu.
On the My security credentials page, you will see the following screen if you have no MFA device assigned for your user account: “You don’t have MFA assigned As a security best practice, we recommend you assign MFA.”
To enable MFA on AWS account, click the “Assign MFA” button.
On the next screen add a device name to identify your device, you can add any meaningful name.
In the “Specify MFA device name” section, choose the type of virtual MFA device you want to use. AWS supports several types of MFA devices, including hardware and software versions.
Click the “Next” button on that page.
Considering you have selected the authenticator app option, on the next screen, click the Show QR code link to show the QR code.
From your mobile, scan the QR code from your MFA app, add the two consecutive MFA codes and click the Add MFA button in the modal.
The next screen will present you the following success message: You have successfully assigned virtual MFA
Click the Close button in that modal. The MFA devices list will show you a new record for your recently added MFA device:
In order to verify that MFA is set up, you can log out from your account and try logging again into your AWS account. After entering the credentials, you will be presented with the MFA form where you can add the MFA code from your MFA app:
After submitting the correct MFA code, you will be redirected to the AWS console dashboard as a logged-in user.