I have turned on MFA for my AWS root account but the code is always invalid. I also have a regular Amazon shopping account with MFA enabled. I can still log in when I use a code sent to my phone but not through the authenticator app (Authy). How can I get MFA working?

John Rotenstein
Ryan Hendry

1 Answer

I found out that many, if not all, Amazon accounts that use the same email are in fact the same account with the same password. This means that if you have Amazon shopping, AWS, Seller Central and Amazon Associates accounts, they are all the same.

This is important when you have an Amazon account with MFA turned on and then you also have MFA turned on inside an AWS root account. It means you have to enter two separate sets of MFA codes when you log in!

At the first MFA prompt, you use the code from your main Amazon account (shopping, Seller Central, etc.).

[Image: MFA prompt 1]

You will then get a second prompt, into which you will have to enter your AWS-specific code that you set up in the AWS console.

[Image: MFA prompt 2]

Hopefully, this helps anyone with the same issue that is wondering why their MFA isn't working.

Ryan Hendry
    Based on this answer, I realized that if you have MFA enabled on your Amazon account, the MFA on your AWS root account is redundant. I tested removing MFA on the AWS account, and it appears you can log in to either site, and your main Amazon MFA kicks in. This works for me and seems easier to manage. If I want better protection to isolate AWS from my Amazon account, I'll use a different login. – Eric Hutchinson Dec 31 '22 at 17:15