When to sign in as a root user
Certain administrative tasks require that you must sign in as a root user. You can sign in as a root user to an AWS account that was created by account factory in AWS Control Tower.
You must sign in as a root user to perform the following actions:
- 
    Change certain account settings, including the account name, root user password, or email address. For more information, see Update and move accounts with AWS Control Tower. 
- 
    For more information about actions that require root user login credentials, see Tasks that require root user credentials in the AWS Account Management Reference Guide. 
Note
To change or enable your AWS Support plan, you must be signed in as the root user or be a user with the appropriate IAM permissions. .
To sign in as root user
- 
    Open the AWS sign-in page. If you don't have the email address of the AWS account to which you require access, you can get it from AWS Control Tower. Open the console for the management account, choose Accounts, and look for the email address. 
- 
    Enter the email address of the AWS account to which you require access, and then choose Next. 
- 
    Choose Forgot password? to have password reset instructions sent to the root user email address. 
- 
    Open the password reset email message from the root user mailbox, then follow the instructions to reset your password. 
- 
    Open the AWS sign-in page, then sign in with your reset password. 
Alternatively, you can use the AWS Root Access Management feature, which allows root actions to be performed on member accounts, without needing to sign in as Root. For more information, see Centrally managing root access for customers using AWS Organizations