Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
AWS Plans Multifactor Authentication Mandates for 2024
Amazon will add new MFA requirements for users with the highest privileges, with plans to include other user levels over time.
1 Min Read
Source: Dzianis Hill via Alamy Stock Photo
Amazon Web Services announced that starting mid-2024, root users of an AWS Organization account will be required to use multifactor authentication (MFA) to log in.
AWS will continue to expand MFA requirements to include users with lower access privileges, Amazon's Steve Schmidt added in a blog post this week.
MFA options for AWS login will include FIDO security keys, a virtual authenticator application, or hardware-generated time-based, one-time password (TOTP) tokens, Amazon's MFA guide said. The cloud provider also set up an MFA key portal where customers can request a free security key.
"We recommend that everyone adopts some form of MFA, and additionally encourage customers to consider choosing forms of MFA that are phishing-resistant, such as security keys," Schmidt wrote in the post.
Last July, AWS cloud environments were targeted by sprawling, credential-stealing and cryptomining cyberattacks, which later spread to Azure and Google Cloud environments.
About the Author
You May Also Like
More Insights
