When you first create your AWS account you create a root user, this account has access to everything within AWS. As a result, it is highly recommended that you do not use this account to perform everyday tasks and operations; instead this account should be used to create your first IAM user with privileged access. You should then use this new IAM user to continue administering your account and setting up other identities. Once you have created this power user, you should disable the root accounts access and secret access keys. MFA is a must for your root account to provide an additional level of authentication.