Supported Configurations for Using U2F Security Keys
You can use U2F as a multi-factor authentication (MFA) method in AWS using currently supported configurations. These include U2F devices supported by AWS and browsers that support U2F.
U2F Devices Supported by AWS
AWS currently supports U2F-compliant security devices that plug into USB ports on your computer.
For information on purchasing a supported device, see Multi-Factor Authentication.
Browsers That Support U2F
The following browsers currently support the use of U2F security keys:
-
Google Chrome, version 38 and later.
-
Opera, version 40 and later.
-
Mozilla Firefox, version 57 and later.
Note
Most Firefox versions that currently support U2F do not enable support by default. For instructions on enabling U2F support in Firefox, see Troubleshooting U2F Security Keys.
Browser Plugins
AWS currently supports only browsers that natively support the U2F standard. AWS does not support using plugins to add U2F browser support. Also note that some browser plugins are incompatible with the U2F standard and can cause unexpected results with U2F security keys.
For information on disabling browser plugins and other troubleshooting tips, see I can't enable my U2F security key.
Mobile Environments
AWS does not currently support the use of U2F security keys with mobile browsers or non-USB U2F devices.
The AWS Console Mobile App does not currently support using U2F security keys for MFA.
AWS CLI and AWS API
AWS currently supports using U2F security keys only in the AWS Management Console. Using U2F security keys for MFA is not currently supported in the AWS CLI and AWS API, or for access to MFA-protected API operations.
Additional Resources
-
For more information on using U2F security keys in AWS, see Enabling a U2F Security Key (Console).
-
For help with troubleshooting U2F in AWS, see Troubleshooting U2F Security Keys.
-
For general industry information on U2F support, see Universal 2nd Factor.
