An additional layer of protection is now available to protect your AWS account from unauthorized use. Once activated for your AWS account, the new Amazon Multi-Factor Authentication (MFA) feature requires you to provide a second piece of information (an authentication code) in order to log in to the AWS Portal and the AWS Management Console.
Once you have the device in-hand you can activate it for your AWS account using the AWS portal. From that point forward, you will need to provide your password and the authentication code from the device in order to log in.
The devices are small, lightweight, and long-lasting. Fraudulent usage becomes much more difficult because a successful login combines something you know (your email address and password) with something you have (the authentication device).