Identification and Authentication (Organizational Users) | Network Access to Privileged Accounts
AWS multifactor authentication (MFA) for privileged users of the AWS console is implemented. This service has been configured for 18F administrative accounts in IAM. Multifactor authentication adds an extra layer of security for login access to the AWS management console. 18F users are prompted for a username and password, as well as the authentication code from their MFA device.
cloud.gov currently does not have MFA capabilities implemented for users; however, any administrative actions taken on the platform requires authentication via encrypted ssh keys which are limited to specific users on the jumpbox.
Identification and Authentication Policy for 18F
Multifactor authentication is enforced both in the GSA enterprise login system and GitHub.
User Account and Authentication (UAA) Server
Cloud.Gov does not have MFA capabilities implemented. Cloud.Gov currently utilizes username and password for identification and authentication of non-privileged accounts.