Source: www.darkreading.com – Author: Dark Reading Staff, Dark Reading
Amazon Web Services announced that starting mid-2024, root users of an AWS Organization account will be required to use multifactor authentication (MFA) to log in.
AWS will continue to expand MFA requirements to include users with lower access privileges, Amazon’s Steve Schmidt added in a blog post this week.
MFA options for AWS login will include FIDO security keys, a virtual authenticator application, or hardware-generated time-based, one-time password (TOTP) tokens, Amazon’s MFA guide said. The cloud provider also set up an MFA key portal where customers can request a free security key.
“We recommend that everyone adopts some form of MFA, and additionally encourage customers to consider choosing forms of MFA that are phishing-resistant, such as security keys,” Schmidt wrote in the post.
Last July, AWS cloud environments were targeted by sprawling, credential-stealing and cryptomining cyberattacks, which later spread to Azure and Google Cloud environments.
Original Post URL: https://www.darkreading.com/cloud/aws-plans-multifactor-authentication-mandates-for-2024
Category & Tags: –
