lacework-global-33
Register security questions in the AWS account (Manual)
Profile Applicability
• Level 1
Description
The AWS support portal allows account owners to establish security questions for authentication of individuals calling AWS customer service for support. Best practices recommend establishing security questions.
Rationale
When creating a new AWS account, a default super user is automatically created. This account is referred to as the 'root user' or 'root' account. It is recommended that the use of this account be limited and highly controlled. During events in which the 'root' password is no longer accessible or the MFA token associated with 'root' is lost/destroyed it is possible, through authentication using secret questions and associated answers, to recover 'root' user login access.
Audit
From Console
- Login to the AWS account as the 'root' user
- On the top right you will see the
Root Account Name
. - Click on the
Root Account Name
. - From the drop-down menu, click
My Account
. - In the
Configure Security Challenge Questions
section on thePersonal Information
page, configure three security challenge questions. - Click
Save questions
.
Remediation
From Console
- Login to the AWS Account as the 'root' user.
- Click the
Root Account Name
from the top right of the console. - From the drop-down menu click Account.
- Scroll down to the
Configure Security Questions
section. - Click
Edit
. - Click each
Question
:- From the drop-down select an appropriate question
- Click the
Answer
section - Enter an appropriate answer
- Follow process for all 3 questions
- Click
Update
when complete. - Save Questions and Answers and place in a secure physical location.