Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Secure Your Accounts with OTP via SMS and Email (2FA)

Harshit bhagat August 9, 2023

Hello Folks,

Hope you're all settled in with your beverage of choice, because we're about to dive into a realm that holds the keys to your digital security.

As we've all heard, the passwords are the guardians of our accounts, but even these digital gatekeepers can sometimes doze off on the job, leaving our defenses vulnerable.
Previously we saw how Duo Push Notifications and WebAuthn, the two knights in shining armor of miniOrange's Two Factor Authentication Plugin, rescue your Atlassian accounts from the clutches of potential hacking attacks.

Now hold onto your seats because this is where the plot thickens as I introduce OTP over SMS and Email, our other advanced 2FA authentication methods to safeguard your accounts.

OTP (One Time Password) over SMS or Email is a widely adopted and user-friendly validation method for two-factor authentication. These short-lived codes, shared during login, makes it impossible for the hackers to get access to accounts even if they have user’s credentials.

In the SMS OTP validation technique, an OTP is sent to the user’s mobile phone via SMS. The user is then required to input this OTP during the 2FA verification stage, thereby granting access to the application solely upon successful OTP verification.

Our service extends to Email OTP as well. A user logging in triggers an email to their registered address, containing the OTP for login use.

The advantages of using OTP with SMS and emails are:

  • Low cost & Ready to rollout: Since mobile phones and email are readily available with everyone, the cost of implementing OTP over SMS and OTP over Email is very low as the end users don’t need any extra device.
  • Easy to use (No setup & no instructions): The entirety of the setup and configuration process is managed solely by the administrator. SMS authentication eliminates the need for extra applications or configuration, as it involves a simple login code sent directly thus preventing the end users from any setup.
  • No Shared Secret to Crack:  The OTPs are like random numbers sent by the server that only work for one login, so there’s no shared secret to be taken advantage of. 

In a nutshell, by using OTP over SMS and OTP over Email, we're adding extra locks to your Atlassian accounts, making it much tougher for the hackers to get in. These smart security locks help keep your Atlassian accounts strong and safe, so you can work in peace.

0 comments

Comment

Log in or Sign up to comment
AUG Leaders

Atlassian Community Events