MFA soon compulsory for AWS users, passwordless authentication an option
(www.csoonline.com)
from BrikoX@lemmy.zip to cybersecurity@sh.itjust.works on 11 Jun 2024 21:20
https://lemmy.zip/post/17193788
from BrikoX@lemmy.zip to cybersecurity@sh.itjust.works on 11 Jun 2024 21:20
https://lemmy.zip/post/17193788
AWS account holders can now use FIDO2 passkeys as an authentication method.
threaded - newest
tbh this might be a good thing (not talking about amazon)
2FA is cool for things that are important, like my bank account, or probably my AWS account. We don’t need it for everything and it’s pretty annoying when rinky dink little websites force it on us.
of course👍
the sites that would benefit users the most from implementing these would be those that retains user sensitive information:
What is sns?
ah that’s my bad that’s probably an accidental Koreanism
Rinky dink little websites should use federated logins, imo.
Like Discus, Facebook, or Google? The problem with that is then you have another big ass company tracking everything you’re signed up to and selling your data.
It says in the article that this won’t apply to org member accounts yet, but I wonder how it’ll work eventually. Member accounts created via account factory don’t even have a password, so you have to go through email account recovery to set one and then set up MFA. If this only applies to root users with passwords, that’s fine, otherwise I hope account factory will get a way to set up PW/MFA on a generated root user.