Root User without MFA

Risk Level

Hazardous (3)



The root user is the most privileged identity in an AWS account. Multi-factor authentication (MFA) adds an extra layer of protection on top of a username and password. With MFA enabled, a user signing in to an AWS website is prompted for their username and password and for an authentication code from their AWS MFA device.
Recommended Mitigation

Enable Multi-Factor Authentication for your root accounts.
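
One way to check for this finding across several accounts is to read the `mfa_active` column of the `<root_account>` row in each account's IAM credential report. The sketch below is an added example, not part of the original rule text; the function names, account IDs and the trimmed four-column sample reports are constructed for illustration, and the input is assumed to be the base64 `Content` value as the AWS CLI returns it.

```python
import base64
import csv
import io

ROOT_USER = "<root_account>"  # name of the root row in the IAM credential report

def parse_report(content_b64):
    """Decode the base64 Content field of a credential report into CSV rows."""
    text = base64.b64decode(content_b64).decode("utf-8")
    return list(csv.DictReader(io.StringIO(text)))

def root_mfa_status(rows):
    """PASS / FAIL from the root row's mfa_active column, UNKNOWN otherwise."""
    for row in rows:
        if row.get("user") == ROOT_USER:
            value = (row.get("mfa_active") or "").strip().lower()
            return {"true": "PASS", "false": "FAIL"}.get(value, "UNKNOWN")
    return "UNKNOWN"  # no root row: treat as unverified, never as a pass

def audit(reports):
    """Return one finding per account whose root user is not confirmed on MFA."""
    findings = []
    for account_id in sorted(reports):
        status = root_mfa_status(parse_report(reports[account_id]))
        if status != "PASS":
            findings.append({"account": account_id, "status": status,
                             "rule": "Root User without MFA",
                             "risk": "Hazardous (3)"})
    return findings

def _encode(csv_text):
    return base64.b64encode(csv_text.encode("utf-8")).decode("ascii")

# Constructed sample reports, trimmed to four columns; account IDs are made up.
HEADER = "user,arn,password_enabled,mfa_active\n"
SAMPLE_REPORTS = {
    "111111111111": _encode(HEADER +
        "<root_account>,arn:aws:iam::111111111111:root,not_supported,true\n"
        "alice,arn:aws:iam::111111111111:user/alice,true,false\n"),
    "222222222222": _encode(HEADER +
        "<root_account>,arn:aws:iam::222222222222:root,not_supported,false\n"),
    "333333333333": _encode(HEADER +
        "bob,arn:aws:iam::333333333333:user/bob,true,true\n"),
}

if __name__ == "__main__":
    for finding in audit(SAMPLE_REPORTS):
        print(finding)
```

An account whose report has no root row is reported as `UNKNOWN` rather than passed, so a truncated or filtered report cannot hide the finding.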