AWS Security Blog
Tag: multi-factor authentication
Secure by Design: AWS enhances centralized security controls as MFA requirements expand
At Amazon Web Services (AWS), we’ve built our services with secure by design principles from day one, including features that set a high bar for our customers’ default security posture. Strong authentication is a foundational component in overall account security, and the use of multi-factor authentication (MFA) is one of the simplest and most effective […]
Passkeys enhance security and usability as AWS expands MFA requirements
Amazon Web Services (AWS) is designed to be the most secure place for customers to run their workloads. From day one, we pioneered secure by design and secure by default practices in the cloud. Today, we’re taking another step to enhance our customers’ options for strong authentication by launching support for FIDO2 passkeys as a […]
Secure by Design: AWS to enhance MFA requirements in 2024
November 17, 2025: The MFA Security Key program, which provided eligible customers with free MFA devices, has been discontinued effective November 6th, 2025. While existing devices will continue to function normally, no new orders for MFA security keys will be accepted after the program closure date. Security is our top priority at Amazon Web Services […]
You can now assign multiple MFA devices in IAM
November 17, 2025: The MFA Security Key program, which provided eligible customers with free MFA devices, has been discontinued effective November 6th, 2025. While existing devices will continue to function normally, no new orders for MFA security keys will be accepted after the program closure date. At Amazon Web Services (AWS), security is our top […]
Cyber hygiene and MAS Notice 655
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. In this post, I will provide guidance and resources that will help you align to […]
Announcing the Availability of Hardware Multi-Factor Authentication in the AWS GovCloud (US) Region
Hardware multi-factor authentication (MFA) is now available in the AWS GovCloud (US) Region to help strengthen data security while giving you control over token keys that have access to your data. MFA is a best practice that adds an extra layer of protection on top of users’ user names and passwords. These token keys that […]