Using MFA devices with your IAM sign-in page
Signing-in with Multiple MFA Devices Enabled
If this situation happens, then, the user only requires to use one MFA device to sign-in and after authenticating the user's password, they can select the type of MFA device they would like to use to finish it. After that, the user is prompted to authenticate with the type of device that they selected.
Signing-in with a FIDO Security Key
If MFA is used by the users, they have to tap the FIDO security key on the second sign-in page. However, the Google Chrome users doesn't require to choose any of the available options, they have to just tap on the security key and if the FIDO security key is broken or lost, then, the administrators can easily deactivate it.
Signing-in with a Virtual MFA Device
If MFA is used by the users, they have to enter the numeric code provided by the MFA application, in the MFA code box, on the second sign-in page. As the virtual MFA device may go out of sync, the user can be urged to synchronize it if they can't sign-in to the AWS Management Console even after several tries. The on-screen prompts will help the user in synchronizing the virtual MFA device.
Signing-in with a Hardware TOTP Token
If MFA is used by the users, they have to enter the numeric code provided by a hardware TOTP token, in the MFA code box, on the second sign-in page. As the hardware TOTP token may go out of sync, the user can be urged to synchronize it if they can't sign-in to the AWS Management Console even after several tries. The on-screen prompts will help the user in synchronizing the MFA token device .
Comments
Post a Comment