This topic describes some basic concepts of security settings in the RAM console.

Password

An identity credential that is used to log on to the Alibaba Cloud console.

Note We recommend that you change your password on a regular basis and keep your password private.

For more information about how to set a password, see Change the password for an Alibaba Cloud account and Change the password for a RAM user.

Default domain name

A unique identifier of an Alibaba Cloud account. Alibaba Cloud assigns a default domain name for each Alibaba Cloud account. The format of the default domain name is <AccountAlias>.onaliyun.com. This unique identifier can be used for RAM user logon and single sign-on (SSO) management.

For information about how to set a default domain name, see Manage the default domain name.

Domain alias

A custom domain name that can be used to replace the default domain name. The custom domain name must be publicly resolvable. A domain alias is the alias of the default domain name.

Note A domain alias can be used only after domain ownership verification. After verification, you can use the domain alias to replace the default domain name in all scenarios where the default domain name is required.

For information about how to set a domain alias, see Create a domain alias.

AccessKey pair

An identity credential that consists of an AccessKey ID and AccessKey secret. You can use your AccessKey pair or Alibaba Cloud SDK to sign API requests that you send to Alibaba Cloud. The AccessKey ID and AccessKey secret are used for symmetric encryption and identity verification. After the identity is verified, you can manage Alibaba Cloud resources by calling API operations.

The AccessKey ID is used to identify a user, and the AccessKey secret is used to encrypt and verify a signature string.

Note The AccessKey secret is displayed only when you create an AccessKey pair, and is unavailable for subsequent queries. We recommend that you save the AccessKey secret for subsequent use.

For information about how to create an AccessKey pair, see Create an AccessKey pair for a RAM user.

Multi-factor authentication (MFA)

A simple best practice that adds an extra layer of protection on top of your username and password. Multi-factor authentication provides enhanced security for your account. If you log on to the Alibaba Cloud console with MFA enabled, you must enter the following information:

  1. Username and password
  2. Verification code provided by the MFA device

For information about how to set MFA, see Enable an MFA device for an Alibaba Cloud account and Enable an MFA device for a RAM user.