Hi @vicky kung
Your question is finally answered :)
A few days ago we released a new security app to Atlassian Marketplace called Polar SSO.
In addition to SAML and Kerberos, you get to define policies that encourages or enforces users to add a second factor based on users network location, group membership, login method (password, saml, kerberos) etc.
A benefit from adding extra verification is that you can log in directly without password using Windows Hello, MacOS Touch ID, Apple watch, Android fingerprint, USB security keys with PIN or fingerprint. In addition you can use the same device to re-verify your identity on WebSudo protected pages (which can be a pain to do every 10 minutes).
You may also further protect your application by defining policies that denies regular password login, while allowing SAML login from untrusted sones.
Disclaimer, I work for Polarnight, the vendor behind this app.
-Lars
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.