Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Disable 2FA for HSM users using AWS CloudHSM Management Utility

PDF
RSS
Focus mode
Disable 2FA for HSM users using AWS CloudHSM Management Utility - AWS CloudHSM

Use the AWS CloudHSM Management Utility (CMU) to disable two-factor authentication (2FA) for hardware security module HSM) users in AWS CloudHSM.

To disable 2FA for CO users with 2FA enabled

  1. Use CMU to log in to the HSM as a CO with 2FA enabled.

  2. Use changePswd to remove 2FA from CO users with 2FA enabled. 

    aws-cloudhsm > changePswd CO example-user <new password>

    CMU prompts you to confirm the change password operation.

    Note

    If you remove the 2FA requirement or change the password for a 2FA user that is also a quorum authentication user, you will also remove the registration of the quorum user as an MofN user. For more information about quorum users and 2FA, see Quorum authentication and 2FA in AWS CloudHSM clusters using AWS CloudHSM Management Utility.

  3. Type y.

    CMU confirms the change password operation.

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.