Secure Login (2FA) - Jira
Strong Security via two-factor authentication made in Germany without the need of an external system, also supporting Jira mobile
Ensure limited access for authorized persons only via enhanced security: in addition to the username and password, a registered mobile device will be used each login time to generate a PIN code valid for half a minute.
Just install via Marketplace: you do not have to patch/customize anything nor does the add-on needs to communicate to a third-party system over the internet!
Jira Service Desk supported for native Jira users not agents.
Support of different mobil authenticators
Different authenticator apps are supported. You decide which one fits your needs and infrastructure:
- TOTP with (free) mobile authenticators available for iOS, Android, etc.
- hardware tokens
The default login for Atlassian tools is based on username and password: this is not a strong authentication as both values can be easily passed/copied to other persons using them in parallel to the owner. A secure login depends on multiple aspects and combine e.g. knowledge with physical gadgets, which cannot be duplicated that easily. If the gadget will be stolen, it is useless without the knowledge aspect. One sample of such a secure login is a 2-factor authentication using user name/password and a mobile device as key code generator resp. authenticator.
ATTENTION: a mobile authenticator is not a barcode reader!
To use strong security, the SYRACOM add-on has to be installed and activated as described in our Administrator's Guide. Furthermore you must have an authenticator app installed on your mobile device. You can use every app which is compliant to the RFC 6238 standard. Please read the Users Guide having listed examples for different mobile phones and operation systems!
Privacy and security
After the first login with username and password, the user have to register his mobile authenticator by scanning the QR code and enter the generated pin for validation.