DEV Community

Cover image for Create Multi-Factor Authentication (MFA) for your AWS accounts
Wendy Wong for AWS Community Builders

Posted on • Updated on

Create Multi-Factor Authentication (MFA) for your AWS accounts

Add an extra layer of protection

In this blog of the security series, I discussed how my AWS Root User account was hacked with an unauthorized user and remediation steps included implementing AWS for the Root account.

In the previous blog steps were outlined to create a multi-region trail to monitor and report on user and API activity with AWS CloudTrail.

In this post, we will implement Multi-Factor Authentication (MFA) on the AWS IAM User account to add an extra layer of protection to your user name and password with an auto generated code using a virtual MFA application.

Tutorial: Create MFA on your Admin IAM user account

Step 1: Sign in to the AWS Management Console.

sign in management console

Step 2: Login with your AWS IAM User credentials.

sign in to your

Step 3: In the AWS Management Console navigate to the search bar and type 'IAM'.

type IAM

Step 4: On the AWS IAM dashboard you will see a best practice recommendation to implement MFA.

need to create

Step 5: Click Add MFA and then select Assign MFA device

Add MFA

Step 6: Click Virtual MFA device.

assign device

Read more information from this link to understand which type of MFA is suitable for your circumstance.

read

download

Step 7: For Virtual MFA Application, download 'Twilio Authy' for
your iPhone or Android mobile device.

Twilio

Step 8: Open the Twilio app and use the camera to scan the QR code on your computer screen.

Enter two 6-digit codes provided by the Twilio app in the section provided.

Step 9: You will receive a message from the pop-up window that MFA was successfully created.

success

You may repeat all of the above steps 1-9 for any additional AWS accounts e.g. Root Account used for emails.

Step 10: Double check that MFA is implemented on your AWS IAM User account, login to the AWS Management Console with your user name, followed by your password. And Presto! You will receive an additional layer of security with a MFA prompt as shown below.

Ask for MFA

Conclusion

The AWS IAM Dashboard provides best practice recommendations.
You can see that MFA has been implemented.

IAM dashbaord

set up sone

Until the next lesson, happy learning! 😁

Join us for AWS re:Inforce conference

Next week is AWS re:Inforce conference, 26-27 July 📆

A learning conference on compliance, privacy and identity 🔐🛠️

• Register to watch the keynote & sessions streamed live online 📺 or join the AWS Community in person in Boston.

• Link: https://reinforce.awsevents.com

Reinforce

Resources

Multi-Factor Authentication

Top comments (0)