User in use with disabled MFA

Authentication

User in use with disabled MFA

Risk Level

Hazardous (3)

Platform(s)

Compliance Frameworks

AliCloud CIS
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
essential_8_au_level_1
essential_8_au_level_2
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Multi-Factor Authentication (MFA) adds another mechanism of authentication on top of a username and password. It makes it harder for an attacker to gain access to protected resources. Therefore, MFA should be enabled for all users that have console logon password enabled. We have found that the user {AliCloudUser} (ID: {AliCloudUser.UserId}) does not have MFA enabled.

Recommended Mitigation

It is recommended to enable Multi-Factor Authentication (MFA) for users who log in using the console. For information about MFA configuration, see: <a href="https://www.alibabacloud.com/help/en/resource-access-management/latest/multi-factor-authentication-enable-an-mfa-device-for-a-ram-user" target="_blank" rel="noopener noreferrer">https://www.alibabacloud.com/help/en/resource-access-management/latest/multi-factor-authentication-enable-an-mfa-device-for-a-ram-user</a>

User in use with disabled MFA

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS