Enable free MFA on AWS Account
I was checking my email, and saw an email from AWS “Action Required: Irregular activity in your AWS account ..” I had created account few years back and I had not even logged into it for years. When I saw current bill it was in few 100$.
AWS Support was very supportive, however could not find out how it happened. Someone created security key and access key of root account by hacking root account console access.
Then I realized value of MFA. However AWS does not provide an article clearly to setup MFA free.
How to setup free MFA:
- Download Google Authenticator App on your andriod phone.
- Login into AWS account > IAM > setup MFA > Virtual Device >
- Next > select show QR Code in AWS
- Open Google Authenticator app,
- Scan code shown in AWS console using Google Auth App.
- Google Auth App provide time-expiry pin codes.
- you need to enter two consecutive pin into AWS console.
- Once AWS validate 2 consecutive pin entered. You are done