AWS Adds Multi-Factor Authentication to WorkSpaces
Amazon Web Services Inc. (AWS) added another layer of security to its Amazon WorkSpaces offering with the addition of multi-factor authentication.
WorkSpaces is the AWS cloud-based virtualized desktop solution that launched last spring, integrating with Microsoft Active Directory so users can use their existing corporate user names and passwords while logging into WorkSpaces.
The new support for multi-factor authentication announced on Monday will now let administrators require a second set of security credentials from users.
"Once this new feature has been enabled and configured, WorkSpaces users will log in by entering their Active Directory user name and password followed by an OTP (One-Time Passcode) supplied by a hardware or a software token," explained AWS Evangelist Jeff Barr in a blog post.
AWS has tested the multi-factor authentication feature on Symantec VIP and Microsoft Radius Server, Barr said, though it is compatible with any on-premises server that supports the RADIUS protocol.
AWS provides details for enabling multi-factor authentication here. The capability is immediately available at no extra cost. (The WorkSpaces solution itself costs between $35 and $75 in the United States, depending on the plan.)
Amazon plans to "enhance" the multi-factor authentication capability in the future, Barr said, though he didn't elaborate on what those improvements might entail. However, he indicated that the company plans to eventually add support for authentication via smart cards and certificates.