This topic describes how to enable console logon and modify or clear console logon settings for a Resource Access Management (RAM) user.

Enable console logon for a RAM user

You can enable console logon for a RAM user and configure parameters such as the logon password.

  1. Log on to the RAM console by using your Alibaba Cloud account.
  2. In the left-side navigation pane, choose Identities > Users.
  3. In the User Logon Name/Display Name column, click the username of a specific RAM user.
  4. In the Console Logon Management section of the Authentication tab, click Enable Console Logon.
  5. In the Modify Logon Settings panel, configure the following parameters.
    • Console Password Logon: Select Enabled.
    • Set Logon Password: Select Automatically Generate Default Password or Custom Logon Password based on your business requirements.
      Note We recommend that you save the password for subsequent use.
    • Password Reset: Set this parameter to specify whether to reset the password upon the next logon of the RAM user.
    • Enable MFA: Set this parameter to specify whether to enable multi-factor authentication (MFA) for the RAM user.
      Note If you select Required, the page on which you can enable an MFA device automatically appears upon the next logon of the RAM user.
  6. Click OK.

Modify console logon settings for a RAM user

After you enable console logon for a RAM user, you can modify console logon settings based on your business requirements. For example, you can disable console logon or modify the logon password.

  1. Log on to the RAM console by using your Alibaba Cloud account.
  2. In the left-side navigation pane, choose Identities > Users.
  3. In the User Logon Name/Display Name column, click the username of a specific RAM user.
  4. In the Console Logon Management section of the Authentication tab, click Modify Logon Settings.
  5. In the Modify Logon Settings panel, configure the following parameters.
    • Console Password Logon: Select Disabled.
      Note If you select Disabled, you can still modify logon settings for the RAM user. However, the settings after modification do not take effect. The settings take effect only after you select Enabled.
    • Set Logon Password: Select Automatically Generate Default Password or Custom Logon Password based on your business requirements.
      Note We recommend that you save the password for subsequent use.
    • Password Reset: Set this parameter to specify whether to reset the password upon the next logon of the RAM user.
    • Enable MFA: Set this parameter to specify whether to enable multi-factor authentication (MFA) for the RAM user.
      Note If you select Required, the page on which you can enable an MFA device automatically appears upon the next logon of the RAM user.
  6. Click OK.

Clear console logon settings for a RAM user

You can clear console logon settings for a RAM user with a few clicks and disable console logon for the RAM user.

Notice The console logon settings cannot be automatically restored after the settings are cleared. Proceed with caution.
  1. Log on to the RAM console by using your Alibaba Cloud account.
  2. In the left-side navigation pane, choose Identities > Users.
  3. In the User Logon Name/Display Name column, click the username of a specific RAM user.
  4. In the Console Logon Management section of the Authentication tab, click Remove Logon Settings.
  5. In the Remove Logon Settings message, click OK.