How to validate the Trusted Advisor MFA on Root Account List?

Every AWS account has a root user. This will be why it’s being reported. True when you create an account in an org there is no password but an email address is required. The way to log into the account is to perform a password recovery.

Usual to satisfy the AWS control each account would require an MFA device adding to root.

Aws CONFIG and backed with security hub will also provide the same insight if configured across the org.