Certified Security - Specialty

Sign Up Free or Log In to participate!

You can’t reach the page to change the MFA, without the original MFA device with the previous admin

In the lecture, you logged in using the root user (with enabled MFA) to change it! This means you should have the old MFA device. Since you mentioned that the old administrator left (with their MFA device in this scenario) then your only option is to bring in the owner of the account to call Amazon AWS and go through their phone process to recover the account and they will remove the current MFA device, and reset the password. The next time you login with the new password, you won’t see an MFA device setup.

1 Answers

Hi Mohamad,
I’m not positive which particular lecture this question is referring to, so I’m going to make a best effort guess on the content.

Preferably, you wouldn’t want to set up a root account with a virtual MFA that an employee could take with them if they quit/left/etc.  You would want to use a hardware MFA device that is locked in a safe and only used when absolutely necessary.

If the admin used their work email and phone number, you can easily recover the root account by following these directions.

If you can’t verify your account email or phone, you’ll need to go through AWS Support.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?