Passwords suck. A good password is hard to remember, and a weak password is easy to guess. There are lots of attempts at finding ways to solve the problems of passwords, like one-time passwords, biometric authentication, and more. One of the most attractive solutions is two-factor authentication, which requires that you know something (a short passphrase, usually), and that you have something. The thing that you have is most often a little token generator: every 30 or 60 seconds a new set of digits is displayed on a screen. To successfully log in, you need to supply the passphrase that you know along with the digits displayed on the token. Big businesses have been using two-factor authentication for some time. Now it’s being made available for anyone with an Amazon Web Services account.
The Amazon Web Services blog brings word of the availability of two-factor authentication for AWS accounts. At thirteen bucks this is a pretty low-cost way to add substantial security to your AWS account. Hopefully we’ll see a broader adoption of two-factor authentication in the near future, as costs continue to come down.