AWS MFA Disabled
Description
Detects IAM users who can access the AWS Management Console but haven't enabled Multi-Factor Authentication (MFA). This creates a security risk since these user accounts rely only on password authentication, making them more vulnerable to unauthorized access through compromised credentials.
Detection Strategy
• Identifies all IAM users in the AWS account
• Checks if each user has an active login profile (indicating console access)
• Verifies if the user has any MFA devices configured
• Reports a vulnerability when a user has console access but no MFA devices are associated with their account
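The four steps above, written as an added example (this is not Fluid Attacks' own detection code). It assumes a boto3 IAM client and uses the real IAM operations list_users, get_login_profile and list_mfa_devices; FakeIAM and SAMPLE are hypothetical stand-ins with constructed accounts so the logic runs offline.

```python
def users_without_mfa(iam):
    """Return IAM users that have a console login profile but no MFA device."""
    findings = []
    for page in iam.get_paginator("list_users").paginate():  # step 1
        for user in page["Users"]:
            name = user["UserName"]
            try:  # step 2: a login profile means console access
                iam.get_login_profile(UserName=name)
            except iam.exceptions.NoSuchEntityException:
                continue  # no console password, out of scope
            # step 3: look up MFA devices; step 4: report if none
            if not iam.list_mfa_devices(UserName=name)["MFADevices"]:
                findings.append(name)
    return findings


class FakeIAM:
    """Offline stand-in for boto3.client("iam"), built from constructed data."""

    class exceptions:
        class NoSuchEntityException(Exception):
            pass

    def __init__(self, users):
        self.users = users  # {name: (has_login_profile, [mfa serials])}

    def get_paginator(self, operation):
        return self

    def paginate(self):
        names = list(self.users)
        for i in range(0, len(names), 2):  # two users per page
            yield {"Users": [{"UserName": n} for n in names[i:i + 2]]}

    def get_login_profile(self, UserName):
        if not self.users[UserName][0]:
            raise self.exceptions.NoSuchEntityException(UserName)
        return {"LoginProfile": {"UserName": UserName}}

    def list_mfa_devices(self, UserName):
        return {"MFADevices": [{"SerialNumber": s} for s in self.users[UserName][1]]}


SAMPLE = FakeIAM({  # constructed accounts, not real ones
    "alice": (True, ["arn:aws:iam::111122223333:mfa/alice"]),
    "bob": (True, []),
    "ci-deploy": (False, []),
    "carol": (True, []),
})
```

Against a live account, pass boto3.client("iam") instead of SAMPLE; the caller needs iam:ListUsers, iam:GetLoginProfile and iam:ListMFADevices.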