AWS & MFA

Amazon Web Service is a key threat for hackers. If hackers have access to your AWS account, they can endure you a tremendous cost. The trend has been to use AWS credentials found online (through an unwanted commit, or other means) to spin up EC2 instances that mine on some kind of blockchain.

One way to mitigate the risk, which Amazon recommends, is to use MFA (Multi Factor Authentication). However, AWS’ recommendation only applies to the Web Console, not programmatic access. If your users have programmatic access (with a key secret pair), it can be harder to enforce requiring MFA.