Enable AWS Multi-factor Authentication using an Open-Source Application on a Windows PC
Muti-factor authentication (MFA) commonly used to provide an extra layer of protection to your online accounts. The different MFA Form Factors can be used to enable MFA for your AWS user accounts. WinAuth is an one of the virtual MFA Application that provides Google Authenticator on a windows PC.
This tutorial will walk you through the steps of how to enable Multi-factor Authentication for an AWS user account using WinAuth.
First download WinAuth from its official website, extract the zip file and open the executable.
Then click on the Add button and select the Google as authenticator option.
This will open the Google Authenticator configuration window and you will need to enter the security key generated by AWS.
In order to get the security key, Login to AWS console and navigate to the IAM service under service category Security, Identity, & Compliance. Then select Users and search the user account in the search bar and click on the user to access the user account options.
Next select the Security Credentials tab in the user account options and click on the Manage link in the field of Assigned MFA device.
Choose the type as the Virtual MFA device and click continue button.
Click on the “Alternatively, You can type the secret key Show Secret Key” and copy it. Keep the “Set up virtual MFA device” window open.
Now go back to the WinAuth window and paste the secret key generated by AWS and click on the Verify Authenticator button and note two consecutive MFA codes generated from WinAuth and click OK button.
The WinAuth Protection window will be opened and enter suitable password to protect authenticators configured, then click OK.
Finally go back to AWS “Set up virtual MFA device” window and type the generated MFA codes in the fields MFA code 1 and MFA code 2 and click Assign MFA button.
Now you have properly enabled Muti-factor authentication (MFA) for your AWS user account. Going forward access the AWS account with entering the code generated from WinAuth as the second factor authentication.
That’s it. 😉