2 Answers
- Newest
- Most votes
- Most comments
1
1
Hi,
from documentation: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_lost-or-broken.html
Basically, you can register multiple MFS devices to root user to have a backup if one fails or you must be prepared to use the identity verification procedure if you can't have more than 1 device
Recovering a root user MFA device
If your AWS account root user multi-factor authentication (MFA) device is lost, damaged,
or not working, you can sign in using another MFA device registered to the same AWS
account root user. If the root user only has one MFA device enabled, you can use alternative
methods of authentication. This means that if you can't sign in with your MFA device, you
can sign in by verifying your identity using the email and the primary contact phone number
registered with your account.
Before you use alternative factors of authentication to sign in as a root user, you must be
able to access the email and primary contact phone number that are associated with your
account. If you need to update the primary contact phone number, you can sign in as an IAM
user with Administrator access instead of the root user. For additional instructions on updating
the account contact information, see Editing contact information in the AWS Billing User Guide.
If you do not have access to an email and primary contact phone number, you must contact AWS
Support.
Best,
Didier
Relevant content
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago