Amazon Web Services has announced that it is adding multi-factor authentication to WorkSpaces, using on-premises RADIUS servers.
This means that WorkSpaces users are now able to authenticate themselves using the same method that they already use for other forms of remote access in their organisations.
Amazon WorkSpaces is AWS' fully-managed desktop computing service in the cloud.
WorkSpaces users will now be able to log in by entering their Active Directory user name and password followed by a one time passcode supplied by a hardware or a software token.
Announcing the update on the AWS blog, Chief Evangelist Jeff Barr, said: "This feature should work with any security provider that supports RADIUS authentication (we have verified our implementation against the Symantec VIP and Microsoft Radius Server products). We currently support the PAP, CHAP, MS-CHAP1, and MS-CHAP2 protocols, along with RADIUS proxies.
"As a WorkSpaces administrator, you can configure this feature for your users by entering the connection information (IP addresses, shared secret, protocol, timeout, and retry count) for your RADIUS server fleet in the Directories section of the WorkSpaces console. You can provision multiple RADIUS servers to increase availability if you'd like. In this case you can enter the IP addresses of all of the servers or you can enter the same information for a load balancer in front of the fleet."