AWS Multi-Factor Authentication (AWS MFA) is an additional layer of security that offers enhanced control over your AWS account settings. It is an opt-in account feature that requires a valid six-digit, single-use code from an authentication device in your physical possession in addition to your standard AWS account credentials before access is granted to your AWS account settings.
You can use AWS MFA in conjunction with Amazon S3’s Versioning capability for additional protection of your Amazon S3 stored versions. The newer version of MSP360 Explorer PRO comes with MFA support for object delete operations.
Configuring MSP360 Explorer to Use MFA
First, you have to save the MFA Serial Number along with the account detail. Make sure that this MFA device is already associated with your account on AWS Portal.
Click Specify MFA serial number link on the account detail dialog
Enter the MFA Serial number.
Check out the label on your device to find out the Serial number
Configuring Bucket to Use MFA
Go to the Versioning tab of the property window for the bucket you want to enable MFA. Check Enable MFA delete option. When you click apply or ok button you will see a dialog box asking you provide 6-digit code from your device. Once you enter the correct code the MFA delete is on for this bucket.
How to Delete Object Versions When MFA Is On
MFA is used to protect delete versions operations from unauthorized and unintended use so that it doesn’t get deleted accidentally. When you delete a version it will pop up a dialog where you have to enter a 6-digit code from your device. If you fail to provide the correct code you will not be able to finish the operation.
We hope you will find MFA delete support in MSP360 Explorer PRO useful and it will make you feel more confident about your data security.