FIDO2 passkeys have arrived for Amazon Web Services (AWS) to boost multi-factor authentication (MFA) on the cloud platform.
The new method of authentication is soon to be applied as standard, with root AWS users having until the end of July 2024 to enable MFA.
The new MFA option will enhance account security, provide synchronicity across platforms, and protect against a number of threats including phishing attacks.
Industry trends towards passkeys
FIDO2 passkeys provide a secure alternative to passwords by providing an authentication system that utilizes the tried and tested public key cryptography. The only way to decrypt the passkey generated by the public key chain is to use the user’s personal device, which hides the private key, adding an additional layer of security.
While some of the best password generators can provide highly secure passwords that are unique to each account, and the best password managers can help store them securely, a single password leak could put your accounts at risk.
BleepingComputer says that Amazon is adhering to the recommendations presented by CISA as part of the Secure by Design pledge, which means that MFA will soon become standard across AWS.
Passkeys will be available with a number of biometric authentication options such as Apple’s Touch ID, and Windows Hello on laptops, among many more. The rollout will initially only affect a small number of users, before gradually expanding to include general user accounts and root users of member accounts, but all users are recommended to activate a method of MFA in the meantime.