Certified Security - Specialty

Sign Up Free or Log In to participate!

Storing QR code for MFA on S3 for rainy days.

How would storing QR code on S3 help me if I lose my phone – this is for Root user? As I would need to login to AWS to access my bucket. The only way to make it happen is to either have a normal user store it on S3 without MFA enabled or make the bucket public – both of which are not security compliant.

2 Answers

Don’t put it in S3.  Save it as a PNG or something and stash it where you – and only you – can get it.

And NEVER EVER EVER do anything like this in a production environment, where you have other co-worker admins who can reset MFA for you.

In a pinch, you can log on to the AWS console as root and go through a different verification process to get in…but having that screenshot around makes things go faster


That is exactly my thought but I was referring to a point that Ryon made in ‘IAM Root Users’ lesson in the Security Speciality Course.

You might also find this interesting.
– https://help.acloud.guru/hc/en-us/search?utf8=%E2%9C%93&query=MFA


Thanks, that helps.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?