AWS adds passkey support to boost MFA protection

Hands typing on a keyboard surrounded by security icons
(Image credit: Shutterstock)

FIDO2 passkeys have arrived for Amazon Web Services (AWS) to boost multi-factor authentication (MFA) on the cloud platform.

The new method of authentication is soon to be applied as standard, with root AWS users having until the end of July 2024 to enable MFA.

The new MFA option will enhance account security, provide synchronicity across platforms, and protect against a number of threats including phishing attacks.

FIDO2 passkeys provide a secure alternative to passwords by providing an authentication system that utilizes the tried and tested public key cryptography. The only way to decrypt the passkey generated by the public key chain is to use the user's personal device, which hides the private key, adding an additional layer of security.

While some of the best password generators can provide highly secure passwords that are unique to each account, and the best password managers can help store them securely, a single password leak could put your accounts at risk. 

BleepingComputer says that Amazon is adhering to the recommendations presented by CISA as part of the Secure by Design pledge, which means that MFA will soon become standard across AWS.

Passkeys will be available with a number of biometric authentication options such as Apple’s Touch ID, and Windows Hello on laptops, among many more. The rollout will initially only affect a small number of users, before gradually expanding to include general user accounts and root users of member accounts, but all users are recommended to activate a method of MFA in the meantime.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division). Benedict then continued his studies at a postgraduate level and achieved a distinction in MA Security, Intelligence and Diplomacy. Benedict transitioned his security interests towards cybersecurity upon joining TechRadar Pro as a Staff Writer, focussing on state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.