Secure Login (2FA) - Confluence

for Confluence Server 7.16.0 - 8.6.2, Confluence Data Center 7.17.0 - 8.8.1 and more
164 installs
  • Supported

The ORIGINAL: Strong Security via 2FA auth. for Confluence, efficient but user friendly without any external 2-factor systems

YouTube's thumbnail image for the video.

Strong Security

Ensure limited access for authorized persons only via enhanced security: in addition to the username and password, a registered mobile device will be used each login time to generate a PIN code valid for half a minute.

Seamless Integration

Based on Atlassian plugin system 2, just install this add-on via Marketplace like others behind the firewall: you do not have to patch anything nor does the add-on needs to communicate to any third-party system.

Support of different mobil authenticators

Different authenticator apps are supported. You decide which one fits your needs and infrastructure:

- TOTP with (free) mobile authenticators available for iOS, Android, etc.

- hardware tokens

- FIDO2/webauthN

More details

The default login for Atlassian tools is based on username and password: this is not a strong authentication as both values can be easily passed/copied to other persons using them in parallel to the owner. A secure login depends on multiple aspects and combine e.g. knowledge with physical gadgets, which cannot be duplicated that easily. If the gadget will be stolen, it is useless without the knowledge aspect. One sample of such a secure login is a 2-factor authentication using user name/password and a mobile device as key code generator resp. authenticator.

ATTENTION: a mobile authenticator is not a barcode reader!

To use strong security, the SYRACOM add-on has to be installed and activated as described in our Administrator's Guide. Furthermore you must have an authenticator app installed on your mobile device. You can use every app which is compliant to the RFC 6238 standard. Please read the Users Guide having listed examples for different mobile phones and operation systems!

Privacy and security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.

Partner privacy policy

Resources

Gallery

After the first login with username and password, the user has to register his mobile authenticator by scanning the QR code and enter the generated pin for validation.