Secure Login (2FA) - Bitbucket
Strong Security via two-factor authentication for Bitbucket: efficient but user friendly without any external 2-factor systems
Ensure limited access for authorized persons only via enhanced security: in addition to the username and password, a registered mobile device will be used each login time to generate a PIN code valid for half a minute.
Just install via Marketplace: you do not have to patch/customize anything nor does the add-on needs to communicate to a third-party system over the internet!
Support of different mobil authenticators
Based on RFC 6238 the add-on supports different authenticator apps. You decide which authenticator fits your needs and infrastructure. Free authenticators are available for iOS, Android, Windows Phone and BlackBerry.
The default login for Atlassian tools is based on username and password: this is not a strong authentication as both values can be easily passed/copied to other persons using them in parallel to the owner. A secure login depends on multiple aspects and combine e.g. knowledge with physical gadgets, which cannot be duplicated that easily. If the gadget will be stolen, it is useless without the knowledge aspect. One sample of such a secure login is a 2-factor authentication using user name/password and a mobile device as key code generator resp. authenticator.
ATTENTION: a mobile authenticator is not a barcode reader!
To use strong security, the SYRACOM add-on has to be installed and activated as described in our Administrator's Guide. Furthermore you must have an authenticator app installed on your mobile device. You can use every app which is compliant to the RFC 6238 standard. Please read the Users Guide having listed examples for different mobile phones and operation systems!
Privacy and security