Deactivate or delete access keys for root user

As a security best practice, it is not recommended for the root user to have an access key. Per the AWS documentation https://docs.aws.amazon.com/accounts/latest/reference/credentials-access-keys-best-practices.html,

One of the best ways to protect your account is to not have access keys for your AWS account root user. Unless you must have root user access keys (which is rare), it is best not to generate them. Instead, the recommended best practice is to create one or more AWS Identity and Access Management (IAM) users. Grant those IAM users the necessary permissions, and use them for everyday interaction with AWS.

You'll still have access to your AWS account by using an IAM user. And, if you really need to access the AWS console using your root user, you can still do so by using your root user credentials (email and password). As a security best practice as well, ensure that you have an MFA configured for your root user credentials.

Guidance/recommendation from AWS is not to store any root credentials. We released new guidance using Central Root Access Management. With this new feature you don't have to manage root credentials. Enable this feature and delete root credentials(passwords, access keys etc) from central management account and you are secure and safe. https://aws.amazon.com/blogs/security/secure-root-user-access-for-member-accounts-in-aws-organizations/