How Do I Enable Login Authentication?

To ensure account security, you are advised to enable login authentication.

After you enable this function, you and IAM users created using your account need to enter a verification code generated by the bound virtual MFA device, an SMS verification code, or an email verification code on the Login Verification page during login.

If you disable this function, you and the IAM users only need to enter the account name/username and password during login.

Procedure

Enabling login authentication for an IAM user on the IAM console as an administrator

In the navigation pane, choose Users.
Click Security Settings in the row containing the target user.
On the Security Settings tab page, select a verification method and enter a verification code in the Login Protection area.
Click OK.

Enabling login authentication for yourself (account administrator) on the Account Security Settings page

On the IAM console, choose Account Security Settings in the navigation pane.
Click the Critical Operations tab, and click Enable next to Login Protection.
On the Login Protection page, select Enable, select a verification method, and enter a verification code.
Click OK.

Related Operations

You can change the login verification method of your IAM users or account:

To change the login verification method of an IAM user, go to the user list on the IAM console, click Security Settings in the row that contains the user, click next to Verification Method under Login Protection, and then change the verification method.
To change the login verification method of your account, go to the Account Security Settings page, click the Critical Operations tab, click Change next to Login Protection, and then change the verification method.