I've hit a wall with Amazon's MFA requirements. After they locked me out of my account, I need to get a TOTP, but it's a nightmare. I can't log in to my account, which means I'm losing money on a machine that's been running for over 8 months, and I can't even shut it down via SSH since I don't know the IP address. To make matters worse, there's no way to buy the authentication token in Italy—I'd have to import it from the U.S. with shipping costs. I've tried contacting AWS support for help, but they just pointed me to the MFA info page without addressing my situation.
So here are my main concerns:
1. Is there a place in Italy or Europe where I can buy this token?
2. Which specific model should I look for?
On top of that, I'm dealing with spyware on my computer that I can't seem to get rid of. I'm worried that if my PC is compromised, are these MFA devices really secure? I used to feel secure with SMS authentication on my old Nokia, which felt safer than having a device linked to a hacked PC. I don't want to end up lowering my security under the guise of improving it, especially if I have to pay for it.
3 Answers
Hey! You might want to consider using apps like Microsoft Authenticator or Google Authenticator—those should work for you. Also, there's Authy as an alternative if that helps!
I'm really sorry you're experiencing these issues! You might want to look into setting up a virtual MFA device instead of a physical token. Check out this AWS link for guidance: https://go.aws/4gkXPD3. Also, if you have a case ID already, reach out to the MFA team for more assistance.
Thanks so much for the tip!
Honestly, if your PC is compromised, very little online is secure. Even if your phone's safe, the message delivery system could still be vulnerable. SMS was actually less secure in many cases, so definitely keep that in mind.
Yeah, Authy is a good one too! It’s pretty user-friendly.