-->

Tip of the Day: Activate multi-factor authentication (MFA) on AWS

awssecurity tip_of_the_day, iam

AWS is a very critical service for businesses and enabling a 2nd factor authentication would be very helpful to increase security.

Step 0: Install Google Authenticator or a similar OTP generator tool on your mobile device.

Step 1: Logon to your account and select Security Credentials from the menu on the upper right corner. Then click on Activate MFA button. AWS MFA Step 1

Here you have two options. You can choose to use a hardware device if you choose to purchase one from Amazon. At the time of this writing the price on Amazon was $12.99 so it’s also an affordable option. I decided to use Google Authenticator because it was already installed and active on my phone and I didn’t want to manage another piece of hardware.

Step 2: It will display a QR code which you can scan using Google Authenticator. Once the scan is completed you will need to enter 2 consecutive numbers the device generates. Once the device is synchronized it will be ready to use. You can verify it by checking its status:

AWS MFA Step 2

Step 3: Log out and log back in to see the results. After the password screen you should see an additional screen asking for the authentication code.

AWS MFA Step 3

Resources