[Solved] Why does AWS recommend enabling MFA on the root account even if IAM users have MFA enabled? — Ans: Because the root account has unrestricted access and MFA protects it from... | AWS

AWS - Identity and Access Management

Why does AWS recommend enabling MFA on the root account even if IAM users have MFA enabled?

ABecause MFA on the root account speeds up AWS service provisioning.

BBecause MFA on IAM users automatically disables root account access.

CBecause the root account has unrestricted access and MFA protects it from unauthorized use.

DBecause MFA on the root account is required to create IAM users.

Step-by-Step Solution

Solution:

Step 1: Understand root account privileges
The root account has full unrestricted access to all AWS resources.
Step 2: Recognize importance of protecting root
Enabling MFA on root prevents unauthorized full control even if password is compromised.
Final Answer:
Because the root account has unrestricted access and MFA protects it from unauthorized use. -> Option C
Quick Check:
Root account MFA = critical for full access protection [OK]

Quick Trick: Always protect root account with MFA for full security [OK]

Common Mistakes:

Master "Identity and Access Management" in AWS

9 interactive learning modes - each teaches the same concept differently

More AWS Quizzes

Why does AWS recommend enabling MFA on the root account even if IAM users have MFA enabled?