Posted On: May 31, 2022

AWS Identity and Access Management (IAM) now supports the Web Authentication (WebAuthn) standard for strong and phishing-resistant authentication across all supported browsers. WebAuthn is part of the FIDO2 set of specifications that succeed FIDO U2F API, enabling secure multi-factor authentication with security keys based on public key cryptography.

This capability extends the existing multi-factor authentication (MFA) functionality to ensure compatibility with the latest internet browsers and FIDO-compliant authenticators. The Safari browser is also now supported for authentication and registration of security keys, in addition to other major browsers such as Mozilla, Opera, Firefox, and Chrome. Users that already have FIDO-compliant authenticators, such as FIDO U2F security keys, will be able to continue to use these authenticators.

You can use any supported IAM MFA methods, including FIDO-compatible security keys to harden access to your AWS accounts and provide the best protection for your users that meets your organization’s usability, security, and compliance needs. To learn more, see Using MFA in AWS.