Personal Programming Notes

To err is human; to debug, divine.

AWS: Setting Up Multi-Factor Authentication (MFA)

This process is simple and most people should use MFA when developing a serious AWS application. Follow the following steps to enable MFA for AWS.

  • Launch the AWS Console with your AWS Account. From the AWS Console, select “Identity & Access Management”.

  • Select “Users” tab on the left side.

  • Click on your username from the list of users.

  • Make sure that “Security Credentials” tab is selected. Scrolling down to the bottom, under “Sign-in Credentials” section, select “Manage MFA Device”.

  • In the pop-up window, you are allowed to choose a virtual MFA device or a physical MFA device. The most convenient option is a virtual MFA device which only requires you to have a smartphone with some AWS MFA-compatible application. The list of AWS MFA-compatible applications are listed in here.

  • In my case, I use Google Authenticator. After installing the app, simply add an account and select “Scan a barcode”.

  • Follow the prompts on AWS MFA webpages to arrive at the following page with QR code. You will then enter the first 6 digit PIN from Google Authenticator into Code 1 box. Wait for it to change and then add the second code into Code 2 box.

  • You are now all set for MFA. All future accesss will require you to enter the MFA code from the Google Authenticator on your Android/iPhone during login.