The company's WorkSpaces service can be used with hardware tokens from Gemalto Amazon Web Services now lets enterprises use two-factor authentication to better protect hosted WorkSpaces virtual desktops.The steady stream of incidents in which hackers have been able to access traditional passwords highlight the need for something more secure over and over again. Adding so-called two-factor authentication increases security by validating users with something they know (a regular password) and something they have (a hardware or software generated one-time password).Protecting Workspaces desktops with two-factor authentication helps prevent unauthorized users from gaining access to enterprise resources, while defending against password attacks such as phishing and keystroke logging. The feature itself is available now at no extra charge, Amazon said in a blog post.For the authentication to work, organizations need a Radius server. Amazon has verified its implementation against the Symantec VIP (Validation and ID Protection) and Microsoft Radius Server products. [Security vendor blames Amazon for customer malware]Gemalto offers two products that can be used to generate the one-time passwords; the Ezio keyfob costs US$12.99 and the Ezio display card costs $19.99. The six digit passwords they generate are valid for one attempt and for 30 seconds. For companies that don’t want to roll out new hardware, there are applications for Android, BlackBerry OS, iOS and Windows. The applications are free, but aren’t considered as secure.To help IT departments get started, Amazon has updated its administration guide with instructions on how to activate the improved authentication.Amazon Workspaces was made generally available at the end of March. The service offers managed virtual desktops users can access from PCs, Macs, Apple’s iPads and tablets based on Android, including Amazon’s own Kindle Fire products.The desktops cost from $35 per user and month and are available from Amazon’s data centers in North Virginia, Oregon, Sydney and Ireland.Send news tips and comments to mikael_ricknas@idg.com Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe