Ensure hardware MFA is enabled for the root account
Rating | 🛑 - High |
---|---|
Description
Protecting the root account with a hardware MFA token to increase security with protecting the credentials.
Vulnerability
MFA (or multi factor authentication) refers to using an additional factor (like a security fob or a one-time password), in addition to the regular username and password to gain access to an account. This reduces the likelihood of the account being compromised due to the loss of the root username and password.
Remediation
Follow the AWS best practices to configure MFA on your root account.
References
- AWS CIS v.1.4.0 - 1.6
- AWS CIS v.1.2.0 - 1.14