Ensure security questions are registered in the AWS account

Error: Security questions are not registered in the AWS account

Bridgecrew Policy ID: BC_AWS_IAM_15
Severity: LOW

Security questions are not registered in the AWS account

Description

The AWS support portal allows account owners to establish security questions that can be used to authenticate individuals calling AWS customer service for support.

When creating a new AWS account, a default super user is automatically created, known as the root account. We recommend the use of this account is limited and highly controlled. During events in which the root password is no longer accessible or the MFA token associated with root is lost/destroyed it is possible, through authentication using secret questions and associated answers, to recover root login access. To do this security questions must be established and registered early in the creation process.


Did this page help you?