The e-mail and password you have used to open an AWS account are called your root credentials. They give you root access to every AWS service, which means unlimited access to unlimited resources. Someone obtaining your root credentials without your knowledge could rack up a heavy bill and they could carry out all types of activities through your account in your name. It is highly recommended not to use this root access in your everyday operations with AWS and to set up your account with the highest security level possible.
Fortunately, AWS offers many ways to control and compartmentalize access to your AWS account through users, groups, roles, policies, passwords, and multi-factor authentication to reduce risks of unlawful access ...