7
132
Customers have installed this app in at least 132 active instances.

    Two-Factor Authentication (2FA) for Jira

    by SecSign Technologiesfor Jira Server 6.4 - 8.14.1
    Unsupported
    This app isn't formally supported.

    See existing Q&A in Atlassian CommunityAsk a question in the Atlassian Community

    Jira Service Management
    This app is compatible with Jira Service Management.
    Supported
    SecSign Technologies supports this app.

    Get support

    Jira Service Management
    This app is compatible with Jira Service Management.
    Unsupported
    This app isn't formally supported.

    See existing Q&A in Atlassian CommunityAsk a question in the Atlassian Community

    Jira Service Management
    This app is compatible with Jira Service Management.
    Get it nowFree app

    2FA login for Jira - on-premise or in the cloud. Simplicity and security combined for the best user experience and data protection

    2FA login for Jira - on-premise or in the cloud. Simplicity and security combined for the best user experience and data protection

    2FA login for Jira - on-premise or in the cloud. Simplicity and security combined for the best user experience and data protection

    Simple Touch 2FA / MFA for mobile and desktop apps

    Powerful Features

    2FA on-premise or in the cloud for any Jira Setup

    The strongest 2FA with a customizable login:

    - Mobile 2FA (iOS / Android)

    - Biometric login (FaceID and fingerprint)

    - Desktop Apps (OSX / Windows 10)

    - Mail 2FA

    - TOTP (integration with Google, Authy or other 2FA apps)

    - 2FA activation that fits your setup and requirements

    - 2FA limited to specific groups

    - Protect Jira Service Desk logins

    - Location based 2FA configuration

    - SSO Support

    - Crowd or internal user management available

    For cloud and self-managed Jira, with 2FA based on-premise or the cloud: it fits your setup, no matter how complex.

    2FA in the cloud for an easy setup, or go on-premise for full control.

    Questions? support@secsign.com

    More details

    Download the app (iOS or Google) and create a SecSign ID.

    You can try the add-on and apps for free. More information about the Jira add-on is available here.

    Strongest Protection:

    Advanced elliptic curve PKI cryptography. Authentication protected with Challenge Response Authentication (2048 bit key SafeKey Procedure) or elliptic curves (TEE). No passwords or complex codes needed.

    Protect all access points:

    We offer 2FA plugins for most Atlassian services and for literally any other access point, including SAML and OAuth solutions. An overview of our plugins is available here

    Shared User Directory:

    Use your internal Jira Directory, Crowd or Active Directory to manage your users.

    Selective 2FA requirements:

    • Activate 2FA for user groups and limit 2FA to outside DMZ
    • Mobile app-based authentication, desktop app or Email-OTP authentication for users without a smartphone.

    For more information about PKI security and how to use SecSign ID visit our user guide or contact us at sales@secsign.com

    Reviews for cloud

    (7)
    Sign in to write a review
    by Titus T on 2017-06-02
    I've been searching for a Two-Factor Authentication for our web services that I can use for not only one but all interfaces we are using. With SecSign ID I can use Two-Factor Authentication for JIRA but also use their plugins for the other services without having to switch the provider. And on top it's super easy to use. Thanks guys!
    Was this review helpful?YesNo
    by Andrew Evans on 2017-05-10
    A fantastic idea and works really well. I did have issues with it at first getting stuck on the login screen but it seemed to be an issue with my installation of Jira / the server environment rather than this plugin, but the support I received from SecSign was absolutely amazing, extremely supportive and helped me get things working. I would highly recommend the SecSign platform and will be using it in my own projects for all my authentication needs. I just need to convince my boss it will be useful too.
    Was this review helpful?YesNo
    SecSign Technologies

    Hello Andrew,

    thank you for your feedback. Unfortunately, you did not respond to our last Email. We suspect a java script error on your site to be the reason for the issue. You can contact us at support@secsign.com and we are happy to help you with some additional troubleshooting.

    Sincerely,

    Your SecSign Team

    by Niek Neuij on 2017-02-16
    Disappointing. It's not really two-factor like Steam or Azure for example, where you need a username/password *and* get the code. The add-on actually works great, and to match a picture on your screen to that of your mobile is amazing, and way more convenient than those codes most 2fa providers send you. But this add-on is not 2fa, so much as "either choose our authentication method, or use the regular way". I want users to have to do both. Update: Yes, your product is very secure. But our client requires a solution where authentication happens against a third-party agent and Confluence/JIRA. And I must say I agree, because it's an extra layer of security. Why not just add the option?
    Was this review helpful?YesNo
    SecSign Technologies

    Hi Niek,

    thank you for taking the time to review our plugin. As a matter of fact, most customers can't believe our app really offers 2FA because it's just so convenient.

    But we can reassure you, it really is 2FA: In fact it is one of the strongest methods available on the market. More information about the procedure can be found here.

    I understand it that you want an additional login with the Confluence/JIRA Login credentials before the two-factor authentication kicks in? With the SecSign ID the user has to confirm the login with the private key on his smartphone. Confluence/JIRA verifies the users' information with the SecSign ID server. So basically, the SecSign ID server is the third party you are referring to. However, if you insist on an additional login step with the Confluence/JIRA credentials: this is absolutely doable with our plugin if you are using an on-premise server. Feel free to contact us at sales@secsign.com with the approximate number of users and we are happy to assist you.

    PKI based 2FA is extremely secure because the sensitive user data are never transmitted via the browser/app. That means no secure authentication credentials are communicated between the authentication service, Confluence and the phone. The two factors for the SecSign ID are the PIN/password (knowledge) and the private key secured on the phone (possession). It works similar to using your debit card on an ATM.

    Don't hesitate to contact us with any questions you may have about the procedure.

    Reviews for server

    (7)
    Sign in to write a review
    by Alexander Miu on 2020-09-08
    Does the job, but a big buggy. It overwrites the URL you were currently on with the 2FA login screen but doesn't redirect you back to where you were after the login, meaning instead of continuing your work you get redirected to jira home (in my case, in a colleague's case to some random SD). And since it overwrites instead of redirects, the browser history is also tainted and you can't use the back button to get where you were because that step doesn't exist anymore. Even more fun, I refreshed multiple tabs and got the login on all of them, logged in one of the tabs and tried to refresh or go back to my pages on the other tabs. I couldn't go back to a working page because I'd get the 2FA login again every time (which would again redirect me back to jira home). Edit: Thanks for the almost-instant response. My boss has contacted support and will try to get the implementation working properly. Since it's very likely a problem on our side and the support is so awesome, I gotta give full stars before I forget and bring your rating down by mistake. Cheers!
    Was this review helpful?YesNo
    SecSign Technologies

    Hi Alexander,

    Thank you for your feedback. We are very sorry for the inconveniences and will be happy to help you to find the error so that you can use the SecSign ID.

    Usually, the redirection after the login works fine, and you are automatically redirected to the page that you had to leave for the login.Could you please send us the log files of the system to support@secsign.com, so we that we can further investigate the problem?Also, please do not hesitate to contact us, if you need any assistance on getting the log files or have any questions.

    Sincerely,

    Your SecSign Team

    by Jan-Peter Rusch on 2020-08-31
    Top solution for MFA / MSA for Atlassian tools. Setup in a matter of minutes for Confluence, Jira & Bitbucket. Great that you can have the company internal network excluded from 2FA. We had an issue with authentication via Active Directory with TLS/SSL. Works now like a charm! You can even authenticate with your Apple Watch... On another issue with a specific login screen, support solved the issue in 30 minutes after reporting. Amazing!
    Was this review helpful?YesNo
    by Barry Durand on 2018-04-09
    This is fantastic. I use this to restrict our employees to using a more secure login approach. Plus they can't seem to remember their passwords, so they begin using unsafe practices (simple passwords, non-memory storage of text, etc). This is absolutely perfect for ensuring two-factor is utilized by employees. It also works for public JIRA instances, and properly handles integrated JIRA Service Desk (anonymous mode too). And they have great support to boot.
    Was this review helpful?YesNo
    by Titus T on 2017-06-02
    I've been searching for a Two-Factor Authentication for our web services that I can use for not only one but all interfaces we are using. With SecSign ID I can use Two-Factor Authentication for JIRA but also use their plugins for the other services without having to switch the provider. And on top it's super easy to use. Thanks guys!
    Was this review helpful?YesNo
    by Andrew Evans on 2017-05-10
    A fantastic idea and works really well. I did have issues with it at first getting stuck on the login screen but it seemed to be an issue with my installation of Jira / the server environment rather than this plugin, but the support I received from SecSign was absolutely amazing, extremely supportive and helped me get things working. I would highly recommend the SecSign platform and will be using it in my own projects for all my authentication needs. I just need to convince my boss it will be useful too.
    Was this review helpful?YesNo
    SecSign Technologies

    Hello Andrew,

    thank you for your feedback. Unfortunately, you did not respond to our last Email. We suspect a java script error on your site to be the reason for the issue. You can contact us at support@secsign.com and we are happy to help you with some additional troubleshooting.

    Sincerely,

    Your SecSign Team

    Read more reviews

    Reviews for Data Center

    (7)
    Sign in to write a review
    by Titus T on 2017-06-02
    I've been searching for a Two-Factor Authentication for our web services that I can use for not only one but all interfaces we are using. With SecSign ID I can use Two-Factor Authentication for JIRA but also use their plugins for the other services without having to switch the provider. And on top it's super easy to use. Thanks guys!
    Was this review helpful?YesNo
    by Andrew Evans on 2017-05-10
    A fantastic idea and works really well. I did have issues with it at first getting stuck on the login screen but it seemed to be an issue with my installation of Jira / the server environment rather than this plugin, but the support I received from SecSign was absolutely amazing, extremely supportive and helped me get things working. I would highly recommend the SecSign platform and will be using it in my own projects for all my authentication needs. I just need to convince my boss it will be useful too.
    Was this review helpful?YesNo
    SecSign Technologies

    Hello Andrew,

    thank you for your feedback. Unfortunately, you did not respond to our last Email. We suspect a java script error on your site to be the reason for the issue. You can contact us at support@secsign.com and we are happy to help you with some additional troubleshooting.

    Sincerely,

    Your SecSign Team

    by Niek Neuij on 2017-02-16
    Disappointing. It's not really two-factor like Steam or Azure for example, where you need a username/password *and* get the code. The add-on actually works great, and to match a picture on your screen to that of your mobile is amazing, and way more convenient than those codes most 2fa providers send you. But this add-on is not 2fa, so much as "either choose our authentication method, or use the regular way". I want users to have to do both. Update: Yes, your product is very secure. But our client requires a solution where authentication happens against a third-party agent and Confluence/JIRA. And I must say I agree, because it's an extra layer of security. Why not just add the option?
    Was this review helpful?YesNo
    SecSign Technologies

    Hi Niek,

    thank you for taking the time to review our plugin. As a matter of fact, most customers can't believe our app really offers 2FA because it's just so convenient.

    But we can reassure you, it really is 2FA: In fact it is one of the strongest methods available on the market. More information about the procedure can be found here.

    I understand it that you want an additional login with the Confluence/JIRA Login credentials before the two-factor authentication kicks in? With the SecSign ID the user has to confirm the login with the private key on his smartphone. Confluence/JIRA verifies the users' information with the SecSign ID server. So basically, the SecSign ID server is the third party you are referring to. However, if you insist on an additional login step with the Confluence/JIRA credentials: this is absolutely doable with our plugin if you are using an on-premise server. Feel free to contact us at sales@secsign.com with the approximate number of users and we are happy to assist you.

    PKI based 2FA is extremely secure because the sensitive user data are never transmitted via the browser/app. That means no secure authentication credentials are communicated between the authentication service, Confluence and the phone. The two factors for the SecSign ID are the PIN/password (knowledge) and the private key secured on the phone (possession). It works similar to using your debit card on an ATM.

    Don't hesitate to contact us with any questions you may have about the procedure.

    Cloud Pricing

    Server Pricing

    Data Center Pricing

    SecSign Technologies provides support for this app.

    Vendor support resources

    Documentation

    Find out how this app works.

    See existing Q&A in Atlassian CommunityAsk a question in the Atlassian Community

    Atlassian-hosted discussions connect you to other customers who use this app.

    Versions

    Version 4.6.2 Jira Server 6.4 - 8.14.1 Released 2021-01-22

    Summary

    Added FIDO and further features

    Details

    • Added FIDO as Authentication-Method
    • Added Activation of methods to profile
    • Whitelist to allow Basic-Auth Access for specific services
    • Accelerated Login
    • minor bug fixes

    Installation

    1. Log into your Jira instance as an admin.
    2. Click the admin dropdown and choose Add-ons. The Manage add-ons screen loads.
    3. Click Find new apps or Find new add-ons from the left-hand side of the page.
    4. Locate Two-Factor Authentication (2FA) for Jira via search. Results include app versions compatible with your Jira instance.
    5. Click Install to download and install your app.
    6. You're all set! Click Close in the Installed and ready to go dialog.

    To find older Two-Factor Authentication (2FA) for Jira versions compatible with your instance, you can look through our version history page.

    Similar apps