AWS Security ChangesHomeSearch

AWS whitepapers documentation change

Service: whitepapers · 2026-04-16 · Documentation low

File: whitepapers/latest/navigating-gdpr-compliance/multi-factor-authentication.md

Summary

Updated navigation links, changed language from 'you' to 'customers', added MFA Delete section for Amazon S3, and updated documentation links.

Security assessment

The changes primarily update language and navigation structure. The addition of MFA Delete documentation for Amazon S3 buckets enhances security documentation by explaining how to add an extra authentication layer for sensitive operations like deleting objects. However, there's no evidence this addresses a specific security vulnerability or incident.

Diff

diff --git a/whitepapers/latest/navigating-gdpr-compliance/multi-factor-authentication.md b/whitepapers/latest/navigating-gdpr-compliance/multi-factor-authentication.md
index 487794a85..b8301c407 100644
--- a//whitepapers/latest/navigating-gdpr-compliance/multi-factor-authentication.md
+++ b//whitepapers/latest/navigating-gdpr-compliance/multi-factor-authentication.md
@@ -1 +1 @@
-[](/pdfs/whitepapers/latest/navigating-gdpr-compliance/navigating-gdpr-compliance.pdf#multi-factor-authentication "Open PDF")
+[View a markdown version of this page](multi-factor-authentication.md)
@@ -3 +3 @@
-[Documentation](/index.html)[AWS Whitepapers](https://aws.amazon.com/whitepapers/)[AWS Whitepaper](welcome.html)
+[](/pdfs/whitepapers/latest/navigating-gdpr-compliance/navigating-gdpr-compliance.pdf#multi-factor-authentication "Open PDF")
@@ -5 +5 @@
-This whitepaper is for historical reference only. Some content might be outdated and some links might not be available.
+[Documentation](/index.html)[AWS Whitepapers](https://aws.amazon.com/whitepapers/)[AWS Whitepaper](navigating-gdpr-compliance-on-aws.html)
@@ -9 +9 @@ This whitepaper is for historical reference only. Some content might be outdated
-For extra security, you can add two-factor authentication to your AWS account and to IAM users. With multi-factor authentication (MFA) enabled, when you sign into the [AWS Management Console](https://aws.amazon.com/console/), you are prompted for your credentials (the first factor), as well as an authentication response from your AWS MFA device (the second factor). You can enable MFA for your AWS account and for individual IAM users you have created in your account. You can also use MFA to control access to AWS service APIs.
+For extra security, customers can add two-factor authentication to their AWS account and to IAM users. With multi-factor authentication (MFA) enabled, when customers sign into the [AWS Management Console](https://aws.amazon.com/console/), they are prompted for their credentials (the first factor), as well as an authentication response from their AWS MFA device (the second factor). Customers can enable MFA for their AWS account and for individual IAM users they have created in their account. Customers can also use MFA to control access to AWS service APIs. 
@@ -11 +11 @@ For extra security, you can add two-factor authentication to your AWS account an
-For example, you can define a policy that allows full access to all AWS API operations in Amazon EC2, but explicitly denies access to specific API operations—such as `StopInstances` and `TerminateInstances`—if the user is not authenticated with MFA. 
+For example, customers can define a policy that allows full access to all AWS API operations in [Amazon EC2](https://aws.amazon.com/ec2/), but explicitly denies access to specific API operations – such as StopInstances and TerminateInstances – if the user is not authenticated with MFA. 
@@ -37,0 +38 @@ For example, you can define a policy that allows full access to all AWS API oper
+To add an extra layer of security to Amazon S3 buckets, customers can configure [MFA Delete](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html), which requires additional authentication to change the versioning state of a bucket and permanently delete an object version. MFA Delete provides added security in the event that your security credentials are compromised.
@@ -39,3 +40 @@ For example, you can define a policy that allows full access to all AWS API oper
-To add an extra layer of security to your Amazon S3 buckets, you can configure[ MFA Delete](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html), which requires additional authentication to change the versioning state of a bucket and permanently delete an object version. MFA Delete provides added security in the event that your security credentials are compromised.
-
-To use MFA Delete, you can use either a hardware or virtual MFA device to generate an authentication code. See the [Multi-factor Authentication page](https://aws.amazon.com/iam/features/mfa/) for a list of supported hardware or virtual MFA devices.
+To use [MFA Delete](https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html), customers can use either a hardware or virtual MFA device to generate an authentication code. See the [Multi-Factor Authentication page](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa.html) for a list of supported hardware or virtual MFA devices.