How to Disable or Enable MFA in Amazon AWS Account

Steps to Deactivate / Activate Multi-Factor Authentication in Amazon AWS Account using Virtual Device

What is MFA in Amazon AWS?

MFA , also known as Multi-Factor Authentication is an advanced security system provided in AWS for increased security of AWS Resources. This MFA provides additional protection to users with different authentication modes for verification of Users’s Identity while accessing AWS Services & Resources. To achieve this security, you need to activate MFA in AWS on your root account. For activating Multi Factor Authentication in Amazon, two types of Authentication device are provided :

  • A Virtual MFA Device
  • A Hardware MFA Device

In this blog we will discuss about How to Disable / Enable a Virtual MFA Device in Amazon WorkMail Account (AWS Console). The Virtual MFA Device will make use of a Software Application (eg : Google Authenticator for Android ). This application will generate a 6-digit-code (known as OTP) for authentication of user’s identity during login & activate MFA in Amazon AWS Account.

Enable MFA in AWS

Mobile Specific Applications to Activate MFA in AWS

Device Application
Android Google Authenticator & Authy 2-Factor Authentication
iPhone Google Authenticator & Authy 2-Factor Authentication
Windows Phone Authenticator
Blackberry Google Authenticator

How to Deactivate / Disable MFA in AWS Account

Follow steps to Disable 2 Step Verification / Multi Factor Authorization in Zoho Mail


To Disable MFA Device , Go to your AWS Account name & Click on the drop down menu & Select My Security Credentials.

My Security Credentials

Under Multi Factor authentication (MFA), You can View details like Device Type , Serial Number & Actions. Within Actions column, select Deactivate Link.

Disable MFA AWS


A Pop is displayed Showing “Are you sure you want to deactivate the device : Serial Number ”. Then Click on Deactivate to Successfully Disable the MFA

Disable MFA

How to Enable Multi Factor Authentication in AWS Account using Virtual MFA Device ?
Follow Procedure to activate MFA on your Root Account using Virtual MFA Device


To activate MFA in AWS Account, Login to your AWS IAM Management Console.


Choose Sign in to Console Button on Left hand side of the screen.

Login to AWS Mangement Console


Sign in using AWS Login Credentials & Click on Sign In.

AWS Login Credentials


Now Search for IAM or Go to Security, Identity & Compliance & Click on IAM as shown below:

AWS Login Credentials


Now Under Security Status , Choose Activate MFA on your Root Account. The click on Manage MFA Button.

AWS Login Credentials


Now a Pop screen displaying Manage MFA Device will appear. The window will show you two options for the type of MFA Device that you need to Activate or Enable MFA in AWS Account:

  • A Virtual MFA Device
  • A Hardware MFA Device

Now Select A Virtual MFA Device from the two selection Option & Click on Next Step as shown below:

AWS Login Credentials


Now Download the Application Google Authenticator for Android Devices from Google Play Store & open the Application

Note :You can Download the MFA Device Authentication Applications as per your device as described above in the table to begin the process to activate MFA on Amazon AWS.

AWS Login Credentials


Choose Begin to proceed Authentication Process.

Begin to proceed


Select Scan a Barcode Option & scan the Bar Code Displayed on the Manage MFA Device Screens as Shown Below:

scan the bar Code


As soon as you scan the bar Code , the Google Authenticator will Display the 2 Authentication Code , one after the other.

scan the bar Code


Enter the Authentication Code 1 & Authentication Code 2 & Click on Activate Virtual MFA to Enable MFA in AWS Account.

Authentication Code


After the Authentication Code is successful, a pop up is displayed “The MFA device was successfully associated with your account” showing that Multi Factor Authentication in Amazon AWS is successful.

MFA in Amazon AWS is successful


When you Login to the Console next time, an Authentication Page is Displayed : Amazon Web Services Sign In With Authentication Device. Now Enter The Authentication Code to successfully login to the Account.

Authentication Code

Click Here to Download WorkMail Backup Tool Download Now