Amazon recently announced improved support for using FIDO2 security keys as an MFA device to log on to the Amazon Web Services (AWS) console. As a result, FIDO2 security keys, like FEITIAN keys, are now supported on AWS GovCloud (US region) – providing phishing-resistant MFA for all users.
Additionally, Amazon Web Services has improved their support for device attestation in all regions – including supporting IAM policies that can be used to enforce enrollment with FIPS-certified or FIDO Alliance-certified devices. Many of FEITIAN’s FIDO security keys, including K9 Plus, K40 Plus, K44, K26 Plus, K27 Plus, K49 and K50 are both FIPS 140-2 (Physical Security Level 3) validated and FIDO Level 2 certified, providing the highest level of security and compliance needs.
This news means that however you access the AWS console – either via a root account, an IAM user, commercial or government cloud, a desktop or a supported mobile platform – you can secure your access with our easy-to-use, phishing-resistant FIDO2 security key. AWS even supports enrolling a FIDO2 credential on behalf of another user for organizations that need extra control over their AWS console credentials.
If you have a FEITIAN security key and an AWS account in a standard AWS region, we recommend registering an additional key today (accounts in standard regions support up to 8 MFA devices per user). AWS GovCloud currently only supports a single MFA device per user, but we anticipate support for multiple security keys in the future, as this is provided in standard AWS regions today.
Check out some recent FEITIAN blog posts:
