MFA is extremely important to keep your account safe.
Below we will show you how to enable MFA using Google Authenticator. It’s a free app available on both iOS and Android stores.
- Login to your IAM console at https://console.aws.amazon.com/iam/
- In the IAM Dashboard, below Security Status you will see an option of “Activate MFA on your root account”
- Click on “Activate MFA on your root account” .
- Click on “Manage MFA“
- In the pop-up select “A virtual MFA device” and click on Next.
- Now download ” Google Authenticator ” on your mobile from iOS or Android app store.
- Once the app is installed open the App and click on the + sign in the App.
- It will give you an option of “Scan a Barcode”. Click on that.
- Now go back to your AWS console and click next.
- You will now see a QR code in the AWS. Scan it with your Mobile with the app you opened in step 8.
- Now you will see a 6 digit code in your phone. Enter the code in AWS in “Authentication Code 1”.
- After few seconds you will see a new code in phone enter that new code in AWS in “Authentication Code 2” . Ensure that both codes are generated in consecutive sequence.
- Click on “Activate Virtual MFA“.
- That’s all! Next time when you will login to AWS console you will need the code of “Google Authenticator” with your user id and password.This small activity will keep you safe.
If you want to enable MFA for a specific user. Check this post MFA device for a user .
Next Step should be to set billing alert which will let you know if you are going above your billing limits. Check this post AWS Billing Alert .