DEV Community

Cover image for AWS MFA services
Trisha Chetani for AWS Community Builders

Posted on • Edited on

AWS MFA services

What is the standard login procedure for any web-based application?

Indeed, we will use a login username and password to respond to this particular question. Anyone can assume your identification, and if it is cracked, which is a major nuisance caused!

What can you change about this?

The word "factors" is used. To be more in the context, factors are pieces of information that reveal your identity. Nowadays, various types of criteria are used to login into any web-based application.
Four main types of variables were most frequently used to enter into any web-based applications.

  • Knowledge - Information you possess! Username and password, as an illustration.
  • Possession - Something you own! For instance, a bank card or MFA tool/app.
  • Inherent - A quality you own! For example, your own voice, face, and fingerprint for recognition.
  • Location: A geographical area, cooperative network, home WiFi network.

Overall, additional factors increase strength and make frauds more complicated.

Since we learned about factor authentication,lets learn how we use on AWS MFA services ?

Once we have an AWS account, we can log-in to the application with the login username and password. One-factor authentication is being used here at the moment. A malicious actor may take your identity! It could be because of an error on the user side or malware on the machine.

Now how to tackle this ?

  • Using MFA We utilize the MFA cloud service to get around this. It could be a physical MFA device(generate ever-changing codes) or a virtual application(Google authenticator), which is integrated with the MFA service.

How to configure MFA using AWS?

You must turn on the MFA service for that specific-user to set up that unique identity within AWS. Users of Roots, for illustration. Secret keys and other related information are generated by the AWS service. This data must be typed into a virtual application like Google Authenticator, or Microsoft authenticator.

The specific QR code is produced using the secret key and additional data in a graphic format, and is then scanned! Using the authenticator program, scans are performed. The authenticator application will begin generating a code when needed once the scanning is complete.

Different virtual devices are used for different accounts/services.

Enter fullscreen mode Exit fullscreen mode

Now, in addition to your username and password, you must now input the MFA code in order to access your AWS account. User should use the current code mentioned in the application for that particular user/account.

Thankyou adriancantrill

Top comments (0)