Enable MFA for an IAM user

Last updated:2021-10-29 17:57:41

This topic describes how to enable MFA for an IAM user to protect its login and operations. MFA enhances the security of your IAM users.

Procedure

  1. Log in to the IAM console.

  2. In the left navigation pane, choose Identities > Subusers. The Subusers page appears.

  3. Click the username of the target IAM user, or click Details in the Actions column. The User details page appears.

  4. On the Safety management tab, click Edit Rule.

  5. In the Edit Rule panel, set the protection parameters.

    • Login Protection: If you select Enable MFA, secondary authentication is required when the IAM user logs in to the console.
    • Operation Protection: If you select Enable MFA, secondary authentication is required when the IAM user performs sensitive operations.
  6. Click OK.

What to do next

After you select Enable MFA for Login Protection or Operation Protection, the IAM user needs to bind a virtual MFA device next time it logs in to the console.

Did you find the above information helpful?

Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful

What might be the problems?

Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions

0/200

Please give us your feedback.

Submitted

Thank you for your feedback.

问题反馈