AWS IAM now enforces MFA for root users across all account types
News
AWS Identity and Access Management (IAM) has expanded multi-factor authentication (MFA) requirements to root users across all account types, enhancing security measures for AWS customers.
- MFA now mandatory for root users in all account types
- Builds on previous security enhancements since May 2024
- MFA prevents over 99% of password-related attacks
- Supports multiple MFA methods, including FIDO2 passkeys
- Users can register up to 8 MFA devices per root and IAM user
- For AWS Organizations, centralized access management is recommended
This initiative represents AWS's continued commitment to enhancing account security and implementing "secure by design" principles.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Jun 11
2024
2024
AWS adds passkey multi-factor authentication (MFA) for root and IAM users
Apr 23
2025
2025
AWS Account Management now supports IAM-based account name updates
Nov 15
2024
2024
Centrally manage root access in AWS Identity and Access Management (IAM)
Nov 15
2024
2024
Secure by Design: AWS enhances centralized security controls as MFA requirements expand
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.