Secure by Design: AWS enhances centralized security controls as MFA requirements expand
Security Blog
This article discusses AWS's efforts to enhance centralized security controls and expand multi-factor authentication (MFA) requirements for root users on AWS accounts.
Specifically, the article covers:
- The importance of MFA in preventing unauthorized access and AWS's goal of improving customers' default security posture
- AWS's requirement for MFA on root users in AWS Organizations management accounts starting in May 2024, and standalone accounts starting in June 2024
- The launch of FIDO2 passkey support as a new MFA method in June 2024, resulting in over 100% increase in phishing-resistant MFA registrations
- The introduction of a new capability to centrally manage root access for AWS Organizations accounts, reducing the need for managing numerous root account passwords
- The expansion of MFA requirements to root users of AWS Organizations member accounts, rolling out gradually starting in Spring 2025
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Jun 11
2024
2024
Passkeys enhance security and usability as AWS expands MFA requirements
Jun 11
2024
2024
AWS adds passkey multi-factor authentication (MFA) for root and IAM users
Dec 2
2025
2025
New AWS Security Agent secures applications proactively from design to deployment (preview)
Jun 17
2025
2025
AWS IAM now enforces MFA for root users across all account types
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.