Description

Multi-Factor Authentication (MFA) adds another mechanism of authentication on top of a username and password. It makes it harder for an attacker to gain access to protected resources. Therefore, MFA should be enabled for all users that have console logon password enabled. We have found that the user {AliCloudUser} (ID: {AliCloudUser.UserId}) does not have MFA enabled.

• 

  Recommended Mitigation

  It is recommended to enable Multi-Factor Authentication (MFA) for users who log in using the console. For information about MFA configuration, see: https://www.alibabacloud.com/help/en/resource-access-management/latest/multi-factor-authentication-enable-an-mfa-device-for-a-ram-user