Enable MFA on AWS Root Account

In this tutorial we will go through the steps on how to enable MFA on AWS root user, Click on this link to create aws free account, ignore if you already have it

We will use Google Authenticator to get our passcode and login to the account  

Login to the AWS account and search for the IAM service

After clicking on the IAM service we will be navigated to the IAM dashboard

Currently there is no MFA setup in this account, due to that we can see a red warning sign under security recommendations

Add MFA for root user

Click on Add MFA button

We can also achieve this page by navigating to top-right section where account name is displayed, click the drop down and jump on Security credentials

Click on Activate MFA under Multi-factor authentication

We will select Virtual MFA device and click on Continue

Steps to Setup Virtual MFA device

Step1. Install MFA app on your device

Download Google Authenticator (available on both Android and Apple) on your mobile

You can download other apps as well – List of compatible applications

Step2. Scan the QR code

Open the google authenticator app and click on Scan a QR code, now go to your IAM screen and click on Show QR code. Scan the QR code from your mobile MFA device

Step3. Enter the MFA code

After scanning the QR code, account will be added and codes will be reflected, enter that codes under MFA code 1 and MFA code 2

Click on Assign MFA

Sign out the existing session and login again, this time after entering the password we will be asked to enter our MFA code which will be displayed in your Google Authenticator app