By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

MFA with Google Authenticator App is not working

0

With scan QR-code in 'Set-up device' in 'Assign MFA device' in 'Security credentials' , I get only one (1) 6 digit code labeled 'Amazon Web Services: Device_name_Roland@correct_account_nr When I enter this 6 digit code (more precisely 3 digits + space + 3 digits) in field MFA code 1, I receive error that MFA code 2 must be filled also. Therefore I have to press + on my android app Google Authenticator to receive a second 6 digit code. When I enter this second 6 digit code, I receive error: 'Authenticator code for device is not valid.' ? Kind regards and thanks for help

  • Mustafa
    20 days ago

    hope you accept my answer!

Topics
AWS Well-Architected Framework
Tags
Security
Language
English
Roland_with_MFA
asked 20 days ago374 views
2 Answers
1

Hello.

The value entered for "MFA code 2" must be the number that comes after "MFA code 1".
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable_virtual.html#enable-virt-mfa-for-iam-user

On the Set up device page, in the MFA code 1 box, type the one-time password that currently appears in the virtual MFA device. Wait up to 30 seconds for the device to generate a new one-time password. Then type the second one-time password into the MFA code 2 box. Choose Add MFA.

profile picture
EXPERT
Riku_Kobayashi
answered 20 days ago
profile pictureAWS
EXPERT
SriniV
reviewed 17 days ago
  • Roland_with_MFA
    19 days ago

    Yes, this is apparently how it works. Personally I would have called the first box 'MFA code' and the second box 'MFA code after a couple of seconds'.

0

It seems like you're encountering issues with setting up multi-factor authentication (MFA) using the Google Authenticator app for your AWS account. Here are a few troubleshooting steps you can try:

  1. Verify Correct Time Settings: Ensure that the time settings on your device where the Google Authenticator app is installed are correct. MFA codes are time-based, and any discrepancies in time settings can lead to codes being invalid.

  2. Re-synchronize Time Settings: If you suspect that the time settings may be incorrect, try re-synchronizing the time settings on your device with a reliable time source, such as network time protocol (NTP).

  3. Check for Correct Account: Double-check that you're entering the MFA code for the correct AWS account and user. Sometimes, users may have multiple AWS accounts or MFA devices associated with their account.

  4. Use Correct Format: Make sure you're entering the MFA code in the correct format. The code should be entered as six digits with no spaces. If you're prompted for two codes, ensure that you're entering both codes separately without any spaces.

  5. Re-scan QR Code: If the issue persists, try removing the MFA device from your AWS account and setting it up again by scanning the QR code provided in the "Set-up device" process. Ensure that you're scanning the QR code using the Google Authenticator app and that it's properly configured.

  6. Contact AWS Support: If you're still unable to set up MFA using the Google Authenticator app, consider reaching out to AWS support for further assistance. They can help troubleshoot the issue and provide guidance based on the specifics of your situation.

By following these steps, you should be able to set up MFA using the Google Authenticator app successfully for your AWS account.

Mustafa
answered 20 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content