https://thenets.org/tags/aws/Recent content in Aws on Luiz Felipe F M CostaHugoen-usSun, 02 May 2021 16:15:14 +0000https://thenets.org/posts/enforce-mfa-for-iam-users/Sun, 02 May 2021 16:15:14 +0000https://thenets.org/posts/enforce-mfa-for-iam-users/<p>It&rsquo;s not easy to protect AWS accounts and one of the most common issues is related to credentials leakage that gives access even to all company&rsquo;s resources. Multi-Factor Authentication (MFA) is one way to drastically mitigate most of those attacks.</p> <h2 id="why-use-mfa">Why use MFA?</h2> <p>Do you need some reference for how important it is? Check it out:</p> <blockquote> <p>Time and time again we see user passwords treated with minimal to no security. They are kept in plaintext, reused again and again by employees, and left to fend for themselves in the form of single-factor authentication. This practice has resulted in billions of dollars stolen and enormous data breaches from which it takes organizations months, sometimes years, to recover. Or even worse, threat actors sell your legitimate credentials over and over, meaning your organization never has time to recover and is constantly on the defense. Sound familiar? If we know the problem, we can begin to work toward the solution.\</p>