For extra security I had configured my AWS account with Two-step authentication or as Amazon calls it “Multi-Factor Verification (MFA)”. I used the Virtual MFA device option, which basically means I don’t have to buy a hardware MFA device, instead I can use a free Android App such as Google Authenticator or Amazon’s very own AWS Virtual MFA
But recently my Galaxy S3 phone was reset by my son by entering the wrong pin code 7 times (Beware S3 owners with nosy kids around :)) This meant my Google Authenticator configurations for my Amazon AWS account was gone for good!
Since Amazon does not provide an option to store a set of backup codes like Google, there was absolutely no way I could login to my AWS console now!
Does this mean my AWS account is lost in oblivion? Well not really, thanks to great support from Amazon, even for free-tier accounts like mine!
All I had to do was go to the Unusable Authentication Device page and fill out just two fields of a simple form providing my Primary phone number I used to register my AWS account and then select the problem I encountered from the drop down. I selected “Other Problem Not listed here” since the most problems listed seemed to be specific to the Hardware MFA device.
Lo and behold, within a couple of minutes my phone is ringing indicating a call from Washington! 🙂 The guy from AWS support verifies my phone number by calling me and then tells me to check my mail and mention the security code for further verification.
Once I provided the security code to him the Virtual MFA device was immediately removed from my AWS account enabling me to login to my AWS console using just my username and password.
That was really FAST and AMAZING service from Amazon’s AWS support team! I didn’t expect such a prompt response. The process was very smooth as well.
I also hope in future AWS provides a set of backup codes for MFA as well, then I will not have to setup Virtual MFA from scratch again, especially when my son goofs around with my phone 🙂
TIP: Make sure the phone number given in your AWS account is correct (and updated in case you change it), this will avoid the need for a longer verification process by the Amazon support staff.