To ensure the security of your Alibaba Cloud account, we recommend that you complete at least one of the following security settings: Change the logon password and enable multi-factor authentication (MFA).
Background information
MFA is an easy-to-use and effective authentication method. MFA adds an extra layer of protection beyond your password. After you enable MFA, you must enter the logon password and the verification code that is generated by an MFA device next time you log on to the Alibaba Cloud Management Console.
Change the logon password
Access the Security Settings page by using your Alibaba Cloud account.
In the Logon Password section, click Change.
Change the logon password as prompted.
The logon password is an identity credential that you can use to log on to the Alibaba Cloud Management Console. Keep the logon password confidential.
We recommend that you change the logon password every 90 days to prevent account theft.
Enable MFA
Before you can enable a virtual MFA device, you must download and install the Alibaba Cloud app or Google Authenticator app on your mobile device.
Access the Security Settings page by using your Alibaba Cloud account.
In the Account Protection section, click Edit.
NoteMFA is renamed Time-based One-time Password (TOTP).
On the Turn on Account Protection page, select scenarios and the TOTP verification method. Then, click Submit.
On the Identity Verification page, select a verification method.
Log on to the Google Authenticator app or Alibaba Cloud app on your mobile device, scan the QR code that appears in the Enable the MFA step, and then click OK.
The Google Authenticator app or Alibaba Cloud App will generate a 6-digit verification code for your Alibaba Cloud account.
NoteThe verification code is updated every 30 seconds.
In the Enable the MFA step, enter the preceding verification code and click Next.
If the system prompts that the MFA device is bound, MFA is enabled.