How do I reset my AWS account root user MFA device?
I want to reset my AWS account root user multi-factor authentication (MFA) device.
Resolution
Note: If you're an AWS Identity and Access Management (IAM) user, then you can't reset your MFA device. Your administrator must deactivate the device. For more information, see Recovering an IAM user MFA device.
To reset your MFA device, you must have access to the account root user email address and phone number that's associated with the account.
Complete the following steps:
- Sign in to the AWS Management Console with your account root user email address.
- On the Root user sign in page, enter the password of your root account.
- On the Amazon Web Services Sign In With Authentication Device page, choose Troubleshoot MFA? Click here.
- On the Troubleshoot Your Authentication Device page, choose Sign In using alternative factors.
- For Step 1: Email address verification, validate that the email address is correct, and then choose Send verification email.
- In the email from AWS with the subject line, AWS Email Verification, choose Verify your email address. The Step 2 page in the verification process appears.
- For Step 2: Phone number verification, confirm that the phone number is correct, and then choose Call me now.
Note: If you don't receive the automated telephone call or to update the phone number, see How do I update my telephone number to reset my lost MFA device? - Answer the phone call from AWS, and then use your phone's keypad to submit the six-digit verification code that appears on your device's screen.
- For Step 3: Sign In, choose Sign in to the console. You are automatically redirected to the Security credentials page.
- Next to the MFA device, choose Deactivate.
- Next to a new MFA device, choose Activate MFA.
Note: It's a best practice to activate a new MFA device your as soon as possible.
If you lose your MFA device, then you can assign a virtual MFA device to protect your root account.
For additional assistance, see Lost or unusable multi-factor authentication (MFA) device. Choose I'm still having problems and would like to contact AWS Support. Complete the Request assistance with lost or unusable MFA device form, and then choose Submit.
This procedure is not working. the ste4 ends with this message: Authentication failed Your authentication information is incorrect. Please try again
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
I get to the point where I get the phone call. When I type in the six-numeral code, I then wait. Then it says No code entered and hangs up on me. Is there something you are supposed to do after you type in the six numbers?
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
You can't reset your MFA device because AWS can't call it (restore procedure), and you can't get AWS Support (Request assistance with lost or unusable MFA device) because you need to sign in. So it's an infinite loop with no solution!
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
Relevant content
- asked 24 days ago
- asked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 7 months ago