Enable a passkey or security key for the root user (console)
You can configure and enable a passkey for your root user from the Amazon Web Services Management Console only, not from the Amazon CLI or Amazon API.
To enable a passkey or security key for your root user (console)
-
Open the Amazon Management Console
and sign in using your root user credentials. For instructions, see Sign in to the Amazon Web Services Management Console as the root user in the Amazon Sign-In User Guide.
-
On the right side of the navigation bar, choose your account name, and then choose Security credentials.
-
On your root user My security credentials page, under Multi-factor authentication (MFA), choose Assign MFA device.
-
On the MFA device name page, enter a Device name, choose Passkey or Security Key, and then choose Next.
-
On Set up device, set up your passkey. Create a passkey with biometric data like your face or fingerprint, with a device pin, or by inserting the FIDO security key into your computer's USB port and tapping it.
-
Follow the instructions on your browser to choose a passkey provider or where you want to store your passkey to use across your devices.
-
Choose Continue.
You have now registered your passkey for use with Amazon. The next time you use your root user credentials to sign in, you must authenticate with your passkey to complete the sign-in process.
For help troubleshooting issues with your FIDO security key, see Troubleshoot Passkeys and FIDO Security Keys.