Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Require two factor authentication support for On Demand authentication

Archie Cobbs
Archie Cobbs
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 11, 2012

When will On Demand support two factor authentication? Simple login/password security on world-accessible web sites just doesn't cut it these days.

There is a non-proprietary, open standard for two-factor authentication. It's called RFC 4226. This is the same standard that Google uses for Gmail and that is implemented by the Google Authenticator smartphone app and others.

The algorithm, based on SHA-1, is easy to implement, and key management and distribution is easy as well.

Atlassian needs to get on the bandwagon before something really damaging and embarassing happens.

Answer
Watch
Like # people like this
1443 views

7 answers

1 accepted

0 votes
Answer accepted
Harry Chan5
Harry Chan
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 12, 2012

Hi, there is an open issue in Crowd for it. It will be implemented in Crowd. Please vote for it https://jira.atlassian.com/browse/CWD-677.

Otherwise, if you are looking for a hosted Atlassian solution outside of OnDemand with two factor authentication, we've done this before for customers using an Apache Module. If you are interested, contact us at sales@queryfoundry.com.

Reply
3 votes
Anton Storozhuk
Anton Storozhuk
Contributor
April 24, 2019

Hi @Archie Cobbs 

There's a Jira 2FA plugin available (works well with Google Authenticator) with U2F devices support 

https://marketplace.atlassian.com/apps/1220048/2fa-u2f-totp-secure-login-for-jira?hosting=server&tab=overview.

 

Please note that this app has Data Center edition.

Reply
1 vote
Ivan Novikov
Ivan Novikov
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 14, 2015

Ping. Can i use two factor auth for JIRA cloud?

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 14, 2015

Have a look at the link Harry posted in the original correct answer.

Like
Reply
0 votes
Deleted user September 29, 2014

Forgot to add, I use Google Authenticator already for other projects. Be nice if I could use it here.

Reply
0 votes
Deleted user September 29, 2014

Desperately seeking 2-factor authentication. This could be a deal breaker if it really is NOT on the roadmap or available soon.

Reply
0 votes
John Dyer
John Dyer
Contributor
February 17, 2014

Any idea if this is ever going to happen ? I totally agree with Archie, it's crazy you guys don't support this

View More Comments
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 17, 2014

Follow up comments are probably better posted into Jira - once Atlassian have a specific issue for it, it won't get much attention on Answers (See and follow Henry's link to the request)

Like
Tom
Tom
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 10, 2015

I'm tired of waiting for Atlassian. I will provide an Atlassian managed cloud for you to get two-factor authentication and IP restrictions. If you are open to this idea, let me know here: http://smsworkflow.com/site/managed-cloud-interest/

Like
Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 11, 2012

Two factor is usually very poorly implemented, or just misunderstood. I'm hoping that if Atlassian do something like it, they do it properly. Quite difficult given that there aren't many good examples around.

View More Comments
Archie Cobbs
Archie Cobbs
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 11, 2012

It's not hard. Here's my example: http://code.google.com/p/mod-authn-otp/

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.