Amazon's cloud gets multi-factor authentication

Amazon Web Services customers will be able to buy a small device that adds extra security to their accounts, but the code-generators are currently only available in the US

Users of Amazon Web Services are being offered authentication devices, similar to those used by many online banking customers, for secure access to their cloud services accounts.

The AWS Multi-Factor Authentication (AWS MFA) security system was announced on Monday on the Amazon Web Services Blog. The system uses a device roughly the size of a USB memory stick to generate a single-use, six-digit code which can be used as an extra layer of security after the entry of the user's email address and password.

One token generator is currently on offer — the Ezio, from security company Gemalto — but Amazon says a variety of companies will provide the devices.

In the blog post, the AWS team said the device should be "especially attractive" to the service's enterprise customers.

"The devices are small, lightweight, and long-lasting," the team wrote. "Fraudulent usage becomes much more difficult because a successful login combines something you know (your email address and password) with something you have (the authentication device)."

The single-use passwords are generated according to a reference architecture provided by the Initiative for Open Authentication (OATH), an industry body for authentication open standards. Only one device can be used for accessing each AWS account.

Gemalto's Ezio device is currently only available to US customers. Requests to Amazon for a time scale for UK customers being able to use MFA on their AWS accounts received no reply at the time of writing.



You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All