Tuesday, January 28, 2025

Mindcraft

Subscribe

VMware Backup: Essential Considerations for Migrating Away from VMware

Three Sentenced in Connection with OTP.Agency MFA Fraud Scheme

Cyber Incident That Led to Closure of British Museum Was an Inside Job

Discover 7 Promising Future Applications of Quantum Computing

Public Cloud: Ensuring Data Sovereignty and Security in the UK

High Court: Sky Betting’s Targeting of Problem Gamblers Deemed ‘Parasitic’

Victims of Post Office Scandal Say It’s High Time for a Review of Legal Rules on Computer Evidence

US Charges Five in Phony North Korean IT Contractor Scheme

MPs Condemn Latest Independent Inquiry into Loan Charge as ‘a Farce’

AWS Expands MFA Program Following Initial Success

Amazon Web Services (AWS) is expanding its mandatory multi-factor authentication (MFA) program after a noticeable increase in customer participation and a drop in password-related phishing incidents. Since rolling out MFA for root users in May 2024, starting with its largest accounts, AWS has seen impressive results.

In June, the company introduced FIDO2 passkeys as a new MFA option, further encouraging user adoption. According to Arynn Crow, AWS’s principal product manager, over 750,000 root users activated MFA since April, and registrations have more than doubled since adding FIDO2. This policy change has reportedly thwarted over 99% of password-related attacks.

Crow emphasized that AWS designs its services with security as a priority. Strong authentication plays a critical role in protecting accounts, and MFA is one of the most effective methods to keep unauthorized individuals away from systems and data. Given the success so far, AWS plans to extend MFA requirements to member accounts in AWS organizations starting in Spring 2025.

Customers without central management of root access will need to set up MFA for their organization’s member account root users to access the Management Console. AWS will implement this in phases, notifying affected customers in advance to ease the transition and minimize disruption.

On top of boosting MFA usage, AWS aims to tackle the issue of passwords altogether. Crow pointed out that standard password practices often lead to security vulnerabilities and added operational burdens, especially for customers with high security demands. To address this, AWS launched a new feature for central management of root access, simplifying password management while maintaining control over root principals.

Now, customers can enable centralized root access with just a quick adjustment in their management console or via the AWS command line interface, allowing them to eliminate long-term credentials for member account root users. “This will enhance security while reducing operational overhead,” Crow noted.

Mindcraft

Mindcraft is your premier destination for the latest updates and in-depth analysis of the ever-evolving world of information technology. Our mission is to keep you informed about the most significant developments, trends, and innovations in the IT industry, all in one place.

In the world of IT, innovation is the heartbeat that drives progress, turning dreams into reality and transforming the impossible into the inevitable.

Mindcraft Team Tweet

Share please!