Using Amazon Cognito user pools security features - Amazon Cognito
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Using Amazon Cognito user pools security features

You can add multi-factor authentication (MFA) to a user pool to protect the identity of your users. MFA adds a second authentication factor so that your user pool doesn't rely solely on username and password. You can use either SMS text messages or time-based one-time passwords (TOTP) as second factors to sign in your users. You can also use adaptive authentication with its risk-based model to predict when you might need another authentication factor. User pool advanced security features include adaptive authentication and protections against compromised credentials.