Last updated：2021-10-29 17:57:41
This topic describes how to enable MFA for an IAM user to protect its login and operations. MFA enhances the security of your IAM users.
Log in to the IAM console.
In the left navigation pane, choose Identities > Subusers. The Subusers page appears.
Click the username of the target IAM user, or click Details in the Actions column. The User details page appears.
On the Safety management tab, click Edit Rule.
In the Edit Rule panel, set the protection parameters.
- Login Protection: If you select Enable MFA, secondary authentication is required when the IAM user logs in to the console.
- Operation Protection: If you select Enable MFA, secondary authentication is required when the IAM user performs sensitive operations.
After you select Enable MFA for Login Protection or Operation Protection, the IAM user needs to bind a virtual MFA device next time it logs in to the console.
Did you find the above information helpful?
Please give us your feedback.
Thank you for your feedback.