Problems signing in to AWS? When the login page “Sign in as IAM user” repeatedly says: “Your authentication information is incorrect. Please try again” though you entered correct information, your Gemalto token generator for MFA authentication could be out of sync.

Follow these steps to resync your Gemalto token for access to your AWS account.

Step 1. Sign in as AWS root

Sign in to the AWS Management Console as the AWS root user for the account.

Step 2. Verify the configuration of IAM user’s sign-in credentials

In the AWS Management Console for the account, head straight to the IAM service, find the user and navigate to the user’s security credentials.

Verify that the user is accessing the appropriate account using either the account number or alias.
Verify the serial number of the token generator.

To replace or resync the token generator, click on the link “manage” next to “Assigned MFA device”.

Step 3. Resync the MFA device

In the dialog “Manage MFA device”, click on Resync and confirm.

Press the button on the Gemalto device to generate “MFA code 1”, then enter it in the appropriate field.

Press the button on the Gemalto device a second time to generate “MFA code 2”, then enter it in the appropriate field.

Confirm and you are done. The IAM user should now be able to sign in without a problem.