AWS adds passkey MFA for root and IAM users

A blog from Amazon Web Services (AWS) says the company is adding passkeys to the list of supported multi-factor authentication (MFA) for root and AWS Identity and Access Management (IAM) users. It has also begun to enforce MFA for root users.

“As an end user, you will benefit from the convenience of use and easy recoverability,” says the blog. “You can use the built-in authenticators in your phones and laptops to unlock a cryptographically secured credential to your AWS sign-in experience.”

Authentication needs of consumer, enterprise different: KuppingerCole

A recent Leadership Compass report from KuppingerCole offers an overview of passwordless authentication tools that enable consumer interactions with enterprise brands. Research Analyst

Alejandro Leal notes the persistence of passwords despite well-documented security vulnerabilities, but says newer passwordless authentication methods are gaining traction with enterprises and consumer-facing businesses.

“It is important to note that passwordless authentication solutions tailored for enterprise use cases and those designed for consumer use cases exhibit distinct differences in response to varied expectations,” Leal writes. “Employees may tolerate more friction in the authentication process, aligning with organizational IAM policies, whereas consumers, driven by convenience, are prone to disengage if faced with complexity or delays.”

Key takeaways from the KuppingerCole report underline the dynamism and competitiveness of the passwordless authentication market. “Despite the presence of major players, the evolving nature of the market allows smaller companies to enter and establish a niche by leveraging technical innovation or catering to specific use cases” it says.

“The creation of open standards such as FIDO2 and WebAuthn has increased the adoption of passwordless technologies. In addition, the use of passkeys is likely to be a catalyst for widespread adoption.”

The report lists overall leaders in passkey adoption, as well as product leaders, innovation leaders and market leaders. Names on the overall list include 1Kosmos, Hypr, IBM, Microsoft, Okta, OneSpan, Ping Identity, Thales, and Transmit Security. Beyond Identity, Nok Nok and SecureAuth all appear on both the innovation and product lists.

Article Topics

Amazon Web Services (AWS)  |  biometric authentication  |  identity access management (IAM)  |  KuppingerCole  |  multifactor authentication  |  passkeys  |  passwordless authentication