AWS IAM Identity Center now enables multi-factor authentication (MFA) by default for all new instances, enhancing security by requiring users to register an MFA device and provide additional verification when their sign-in context changes.

<div>
<p>The article discusses the new multi-factor authentication (MFA) defaults for new AWS IAM Identity Center instances.</p>
<p>Specifically, the article covers:</p>
<ul>
<li>Starting today, all new AWS IAM Identity Center instances will have MFA enabled by default</li>
<li>MFA is a security best practice for securing user accounts</li>
<li>New users in these instances will be prompted to register for MFA during first sign-in</li>
<li>Existing customer-configured MFA settings will not change</li>
<li>IAM Identity Center supports various MFA options like FIDO2 passkeys and virtual authenticator apps</li>
<li>Customers are encouraged to enable MFA for their users, but administrators can update settings based on requirements</li>
</ul>
</div>


AWS IAM Identity Center enhances the multi-factor authentication (MFA) defaults for new IAM Identity Center instances

Related articles