Certified Security - Specialty


Storing QR code for MFA on S3 for rainy days.

How would storing the QR code on S3 help me if I lose my phone – this is for the Root user? As I would need to log in to AWS to access my bucket. The only way to make it happen is to either have a normal user store it on S3 without MFA enabled or make the bucket public – both of which are not security compliant.

2 Answers

Don’t put it in S3. Save it as a PNG or something and stash it where you – and only you – can get it.

And NEVER EVER EVER do anything like this in a production environment, where you have other co-worker admins who can reset MFA for you.

In a pinch, you can log on to the AWS console as root and go through a different verification process to get in… but having that screenshot around makes things go faster.

Parmar

That is exactly my thought, but I was referring to a point that Ryon made in the ‘IAM Root Users’ lesson in the Security Specialty Course.

You might also find this interesting.
– https://help.acloud.guru/hc/en-us/search?utf8=%E2%9C%93&query=MFA
🙂

Parmar

Thanks, that helps.
