|« PreviousNext »|
|Did this page help you? Yes | No | Tell us about it...|
This section shows you how to set up and enable a new MFA device, as well as how to synchronize and deactivate existing devices, and what to do when a device is lost or stops working. For answers to commonly asked questions about AWS MFA, go to the AWS Multi-Factor Authentication FAQs.
The following high-level procedure describes how to set up and use an MFA device, and provides links to related information.
Get an MFA device. The device can be a hardware MFA device or a virtual MFA device. A virtual device can be a smartphone that has an MFA application installed on it.
If you want to use a hardware device, you can find information about where to purchase the devices that AWS supports at http://aws.amazon.com/mfa. If you want to use a virtual MFA device, or if you just want to learn more about virtual MFA, see Using a Virtual MFA Device with AWS.
Enable the MFA device. You can enable the MFA device for use with AWS using the AWS Management Console, the IAM command line tools, or the IAM API.
Use the MFA device when logging on or accessing AWS resources. For access to an AWS website, you need a user name, password, and MFA code. For access to MFA-protected APIs, you need access keys and an MFA code.
For information about user passwords, see Managing Passwords. For information about using MFA with the AWS Management Console, see MFA Devices and Your IAM-Enabled Sign-in Page. For information about the AWS service APIs that use MFA, go to Does AWS MFA affect how I access AWS Service APIs? on the AWS Multi-Factor Authentication FAQs page.