By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Log In Driving me crazy

0

I am not sure what to do.. I used to just sign in easily.. Nothing has changed about the way I sign in but.. I ALWAYS have to use 'alternative log in" I am the Root User and owner.. I click next. But than I have to do a Security Check. Long ago I used to just click NEXT and I'd be in my board. So I could upload to me S3 bucket. So now I do the security check. Which I have to listen to because characters never match. Then I go back to the Root User sign in.. (user name / pw) click Sign In. Then get this message:

Your account is secured using multi-factor authentication (MFA). To finish signing in, turn on or view your MFA device and type the authentication code below.

So how Would I accomplish this? One option was for me to DL an app on my iPhone called DUO MOBILE. That just kept generating random number constantly. So I gave up on that as I could not figure out how to use it. but from here.. I have to. TROUBLE SHOOT
MFA. Sign in using alternative factors of authentication. have them send me a email. Click that.. get a phone call.. give them the 6 digits and after all that.. I can get in.

So what am I doing wrong? Or how can I just get to sign in without going through all that? Thank you for your time in advance. If possible.. if I could be emailed directly as I am not even sure I will be able to find this board back to see / get my answer.

Ed

Topics
Management & Governance
Tags
AWS Management ConsoleAWS Account Management
Language
English
Scorpio741
asked a month ago62 views
1 Answer
0

It sounds like you're experiencing some frustration with the sign-in process for your AWS account, particularly as the root user. Let me explain what's happening and provide some guidance.

The process you're describing is actually the standard multi-factor authentication (MFA) process for AWS accounts. MFA is an important security feature that AWS enforces by default for root users to protect your account from unauthorized access.

The "alternative log in" and security check you're encountering are part of this process. The security check (where you have to enter characters or listen to an audio challenge) is designed to prevent automated attacks.

Regarding the MFA step, it seems you've attempted to set up Duo Mobile, which is a valid authenticator app for AWS. However, these apps don't just generate random numbers - they generate time-based one-time passwords (TOTP) that change every 30 seconds. To use it, you would need to enter the current code displayed in the app when prompted during sign-in.

If you're finding this process cumbersome, here are a few suggestions:

  1. Consider using a hardware MFA device or a FIDO security key instead of a mobile app. These can be easier to use for some people.

  2. If you prefer a mobile app, try setting up Google Authenticator or Authy instead of Duo Mobile. These are widely used and might be more intuitive for you.

  3. Remember that you can register multiple MFA devices (up to eight) for your account. This gives you backup options if one method isn't working well for you.

  4. For day-to-day operations like uploading to your S3 bucket, it's recommended to create an IAM user with the necessary permissions rather than using the root account. This can simplify your regular access while keeping your root account secure.

If you're still having trouble, I'd recommend reaching out to AWS Support for personalized assistance with your account setup. They can guide you through the process of properly setting up and using MFA.

Remember, while these security measures might seem inconvenient, they're crucial for protecting your AWS account and resources. Once properly set up, the sign-in process should become more straightforward.
Sources
Multi-factor authentication for Identity Center users - AWS IAM Identity Center
MFA enabled sign-in - AWS Identity and Access Management
Authenticator app vs Hardware Token | AWS re:Post
Sign in to the AWS Management Console as the root user - AWS Sign-In

profile picture
re:Post Agent
answered a month ago
profile picture
EXPERT
Riku_Kobayashi
reviewed a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content