AWS Identity and Access Management now supports passkey as a second authentication factor

AWS hosted its annual cloud security event – which featured a keynote presentation from Chris Betz, AWS CISO, Steve Schmidt, Amazon CSO, and Ash Edmondson, AVP of Security Architecture and Engineering at Eli Lilly, emphasizing how security is deeply embedded into AWS’s culture and introducing new innovations that help drive this mission forward.

AWS Identity and Access Management (IAM) now supports passkey as a second authentication factor to provide easier and more secure sign-ins across your user’s devices. Based on FIDO standards, passkeys use public key cryptography, which enables strong, phishing-resistant authentication that is more secure than passwords. IAM now allows you to secure access to AWS accounts using passkeys for multi-factor authentication (MFA) with support for built-in authenticators, such as Touch ID on Apple MacBooks and Windows Hello facial recognition on PCs. Passkeys can be created with a hardware security key or your chosen passkey provider using your fingerprint, face, or device PIN which can be synced across your devices to sign-in with AWS. This capability extends the existing multi-factor authentication (MFA) functionality to include passkeys as a second factor. Passkey support in IAM is a new feature to help improve MFA usability and recoverability. You can use a range of supported IAM MFA methods, including FIDO-certified security keys to harden access to your AWS accounts.

Said Mr. Phil Rodrigues, Global Head of Customer Security Outcomes, AWS. ”Security is our top priority. AWS provides our customers in India with cloud security solutions that allow them to experiment and iterate securely, so they can move quickly and stay secure, especially in this day of generative AI. At AWS re:Inforce, we announced a series of services and features which allow customers to innovate securely with advanced technology including generative AI, enhance their security with more multi-factor authentication options, and more. Our focus is to continually raise the bar for security in the industry by providing the most secure place for builders in India to develop innovative applications.”