URGENT: Production Down 10+ Days - Stuck in Root MFA Recovery Loop

-1

Hi AWS Community,

I am seeking urgent assistance or a formal escalation regarding a root account access issue. Our production website has been down for over 10 days, and we are currently unable to restore service because we are locked out of the Root User account by an old MFA device.

The Situation:

The Blocker: The former developer holds the MFA device and is unresponsive.

Current Access: We have access to the Root Email address and have successfully reset the password, but we are stuck at the MFA challenge.

Limited IAM: Our only accessible IAM user has "Billing View" permissions only and cannot modify security settings or contact information.

Actions Taken:

I have an active case open with the Account Specialist team.

I have already submitted all required verification documents, including bank statements showing AWS payments, company authorization on official letterhead, and proof of access to the root email.

While I previously had tickets closed quickly by first-line support, my current request has been pending for over 20 hours with no update.

Request: I understand that MFA removal requires a strict security protocol, but with a production environment down for 10 days, the business impact is severe.

Could a moderator please check the status of my case or ensure it is assigned to the correct specialist for manual verification? I am happy to provide the Case ID to an official AWS employee.

Thank you for any help you can provide.

  • Why is your production down because of lack of MFA to the root login? This doesn't track on best practices or validity.

  • Honestly, I had no background in AWS setup three weeks ago, and had to figure out all things like the root email user, this MFA and other stuff. Only the higher-ups talk to the developer, so when the dev went rogue and production went down, I was forced to think outside the box. Once root user access is gained, I will figure out systematically how to bring production back up.

1 Answer
1
Accepted Answer

Assuming this is a stand-alone account and not a member account of an AWS Organization, then if in addition to having access to the root email, you're able to receive phone calls made to the phone number of the account's primary contact, you can remove the MFA device from the root user by following the instructions here: https://aws.amazon.com/blogs/security/reset-your-aws-root-accounts-lost-mfa-device-faster-by-using-the-aws-management-console/

If the registered phone number is not accessible, such as if it's controlled by the former developer who went unresponsive, the only way is to work with AWS support to validate your title to the account and for them to restore access for you, which I understand is exactly what you're attempting.

EXPERT
answered a month ago
EXPERT
reviewed a month ago
