Resetting lost or forgotten passwords or access keys for Amazon - Amazon Identity and Access Management
Resetting a lost or forgotten root user password
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Resetting lost or forgotten passwords or access keys for Amazon

Having trouble signing in to Amazon? Make sure that you're on the correct Amazon sign-in page for your type of user. If you are the Amazon Web Services account root user (account owner), you can sign in to Amazon using the credentials that you set up when you created the Amazon Web Services account. If you are an IAM user, your account administrator can give you the credentials that you can use to sign in to Amazon. If you need to request support, do not use the feedback link on this page, as the form is received by the Amazon Documentation team, not Amazon Web Services Support. Instead, on the Contact Us page choose Still unable to log into your Amazon account and then choose one of the available support options.

On the main sign-in page, you must enter your email address to sign in as the root user, or enter your account ID to sign in as an IAM user. You can provide your password only on the sign-in page that matches your user type. For more information, see Signing in to the Amazon Web Services Management Console.

If you are on the correct sign-in page and lose or forget your passwords or access keys, you cannot retrieve them from IAM. Instead, you can reset them using the following methods:

  • Amazon Web Services account root user password – If you forget your root user password, you can reset the password from the Amazon Web Services Management Console. For details, see Resetting a lost or forgotten root user password later in this topic.

  • Amazon Web Services account access keys – If you forget your account access keys, you can create new access keys without disabling the existing access keys. If you are not using the existing keys, you can delete those. For details, see Creating access keys for the root user and Deleting access keys for the root user.

  • IAM user password – If you are an IAM user and you forget your password, you must ask your administrator to reset your password. To learn how an administrator can manage your password, see Managing passwords for IAM users.

  • IAM user access keys – If you are an IAM user and you forget your access keys, you will need new access keys. If you have permission to create your own access keys, you can find instructions for creating a new one at Managing access keys (console). If you do not have the required permissions, you must ask your administrator to create new access keys. If you are still using your old keys, ask your administrator not to delete the old keys. To learn how an administrator can manage your access keys, see Managing access keys for IAM users.

You should follow the Amazon best practice of periodically changing your password and Amazon access keys. In Amazon, you change access keys by rotating them. This means that you create a new one, configure your applications to use the new key, and then delete the old one. You are allowed to have two access key pairs active at the same time for just this reason. For more information, see Rotating access keys.

Resetting a lost or forgotten root user password

When you first created your Amazon Web Services account, you provided an email address and password. These are your Amazon Web Services account root user credentials. If you forget your root user password, you can reset the password from the Amazon Web Services Management Console.

To reset your root user password:

  1. Use your Amazon Web Services account email address to begin signing in to the Amazon Web Services Management Console as the root user and then choose Next.

    Note

    If you are signed in to the Amazon Web Services Management Console with IAM user credentials, then you must sign out before you can reset the root user password. If you see the account-specific IAM user sign-in page, choose Sign-in using root account credentials near the bottom of the page. If necessary, provide your account email address and choose Next to access the Root user sign in page.

  2. Choose Forgot your password?.

  3. Provide the email address that is associated with the account. Then provide the CAPTCHA text and choose Continue.

  4. Check the email that is associated with your Amazon Web Services account for a message from Amazon Web Services. The email will come from an address ending in @amazon.com or @amazonaws.cn. Follow the directions in the email. If you don't see the email in your account, check your spam folder. If you no longer have access to the email, see I don't have access to the email for my Amazon account in the Amazon Sign-In User Guide.