Posted On: Jun 23, 2023
Today, AWS Identity and Access Management (IAM) announces the general availability of support for FIDO2 security keys in the AWS GovCloud (US-East and US-West) Regions. The FIDO2 specifications rely on public key cryptography, enabling cryptographically secure and phishing-resistant multi-factor (MFA) authentication.
This new capability expands the existing MFA functionality by introducing additional options such as FIPS-validated security keys. With this update, you also gain the flexibility to specify the registration of specific authenticators in your IAM policies, based on your preferred certification type and level. This gives you an additional mechanism to define what kinds of authenticators your users can register if you have specific security or compliance requirements.
Customers can leverage any supported IAM MFA method, including FIDO security keys, to strengthen the security of their AWS accounts. By doing so, customers can provide their users with the highest level of protection while ensuring that your organization meets its usability, security, and compliance goals.
To learn more, please see Using MFA in AWS.