![](http://habrastorage.org/getpro/habr/avatars/9ea/8c1/ebc/9ea8c1ebc627ce68d91051885ef84146.jpg)
AWS Multi-Factor Authentication
Hello everybody! ![image](https://habrastorage.org/storage2/de2/8d5/cd3/de28d5cd30892edd8b0d669b656dfede.png)
Today I would like to talk about the multi-factor authentication of IAM users in your Amazon account. As you remember, in this article I talked about how to create and set a password for a new user. Today we will screw the device to the user for authorization.
We will use a regular Android phone . First, install the Amazon Appstore on it according to this instruction . Nothing complicated for the average user of Android. Next, in the search, enter “mfa”:
![image](https://habrastorage.org/storage2/eb0/bfd/d60/eb0bfdd602bf400e358d82b55c6e139e.png)
Download and install the program. Almost like on Play.
Next, in your AWS account, go to IAM , in the Users section. On the desired user, right-click:
![image](https://habrastorage.org/storage2/212/4a2/586/2124a258603d96844c512adcf6894d1d.png)
Add the virtual MFA device:
![image](https://habrastorage.org/storage2/ed1/12c/1be/ed112c1be0a741c8cc33406e499c487e.png)
Next, we will be given a QR code, which we must recognize with some predefined tool:
![image](https://habrastorage.org/storage2/a51/807/d90/a51807d907415cfd98ca74dab6b6b28e.png)
After recognition, we will have an account in the application. Click on the account and get a code that we enter on the first line under the QR code without spaces. Next, wait until the code disappears and click again. The resulting code is written in the second line. Like this:
![image](https://habrastorage.org/storage2/b38/fe8/3a9/b38fe83a97a7b2ba76e84bfc2b3c97c4.png)
Activate your multifactor authentication device!
Next, we look at what happens when you login. Here we will be asked a password, as it was before:
![image](https://habrastorage.org/storage2/880/65b/97f/88065b97fbb4621a38c0159b51790a73.png)
After successfully entering the password, Amazon will ask for a code from the MFA device:
![image](https://habrastorage.org/storage2/8ff/f23/189/8fff2318902c4f8270563ed3ae35ba2f.png)
As you might have guessed, this code is obtained when choosing an account in your application:
![image](https://habrastorage.org/storage2/1a5/9c7/1dc/1a59c71dc4430ba18cc2ab1c23282d1e.png)
After successfully entering the code, you will get access to the console. Everything is simple and safe!
![image](https://habrastorage.org/storage2/de2/8d5/cd3/de28d5cd30892edd8b0d669b656dfede.png)
Today I would like to talk about the multi-factor authentication of IAM users in your Amazon account. As you remember, in this article I talked about how to create and set a password for a new user. Today we will screw the device to the user for authorization.
We will use a regular Android phone . First, install the Amazon Appstore on it according to this instruction . Nothing complicated for the average user of Android. Next, in the search, enter “mfa”:
![image](https://habrastorage.org/storage2/eb0/bfd/d60/eb0bfdd602bf400e358d82b55c6e139e.png)
Download and install the program. Almost like on Play.
Next, in your AWS account, go to IAM , in the Users section. On the desired user, right-click:
![image](https://habrastorage.org/storage2/212/4a2/586/2124a258603d96844c512adcf6894d1d.png)
Add the virtual MFA device:
![image](https://habrastorage.org/storage2/ed1/12c/1be/ed112c1be0a741c8cc33406e499c487e.png)
Next, we will be given a QR code, which we must recognize with some predefined tool:
![image](https://habrastorage.org/storage2/a51/807/d90/a51807d907415cfd98ca74dab6b6b28e.png)
After recognition, we will have an account in the application. Click on the account and get a code that we enter on the first line under the QR code without spaces. Next, wait until the code disappears and click again. The resulting code is written in the second line. Like this:
![image](https://habrastorage.org/storage2/b38/fe8/3a9/b38fe83a97a7b2ba76e84bfc2b3c97c4.png)
Activate your multifactor authentication device!
Next, we look at what happens when you login. Here we will be asked a password, as it was before:
![image](https://habrastorage.org/storage2/880/65b/97f/88065b97fbb4621a38c0159b51790a73.png)
After successfully entering the password, Amazon will ask for a code from the MFA device:
![image](https://habrastorage.org/storage2/8ff/f23/189/8fff2318902c4f8270563ed3ae35ba2f.png)
As you might have guessed, this code is obtained when choosing an account in your application:
![image](https://habrastorage.org/storage2/1a5/9c7/1dc/1a59c71dc4430ba18cc2ab1c23282d1e.png)
After successfully entering the code, you will get access to the console. Everything is simple and safe!