Amazon AWS expands multi-factor login requirement and supports passkeys
Amazon AWS boosts security: MFA soon default for all accounts. Passkey login now available. Enhanced protection when accessing your AWS account.
(Image: stockwerk-fotodesign / Shutterstock.com)
Amazon Web Services (AWS) wants to protect accounts even more effectively against unauthorized access and is extending the multi-factor authentication (MFA) requirement for additional accounts. A new feature is that users can now log in to the service with passkeys.
MFA expansion for more security
According to a recent post by the cloud service, they are currently rolling out mandatory MFA for additional accounts. If MFA is active, you need another security feature in addition to your password to log in, such as a code that you have to enter alongside your password. If you do not know this factor, the account remains locked.
Until now, the MFA requirement only applied to AWS Organizations Management accounts of root users. From July this year, the requirement will be gradually introduced for standalone root accounts. Users will be notified that they need to activate MFA within a certain period of time. Further details will be announced by those responsible later this year.
Passwordless login
They also announced that AWS users will now be able to log in with a passkey (FIDO2) instead of a password. This is even more secure than the MFA approach. After all, an attacker could intercept and misuse an MFA code in order to bypass the additional protection.
(des)
