Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Forced to pay to have two-factor authentication?

Erwan Cosnuau
Erwan Cosnuau Jun 11, 2018

Got a "Identity Manager is now Atlassian Access " email from Atlassian.

It made me grumpy ...

We are using JIRA in our company and I did activate the Identity Manager some time ago so we could protect our access with 2FA Two Factor Authentication. (if I remember correctly)

Now it seems that this is now an out-of-beta service that will be billed $30 per month from August. Am I missing something or Atlassian is charging to have 2FA now ? Anyway around it ?

This seems unbelievable for such an essential and basic feature for an online service... and frankly we will not afford $30 for this (ie doubling the cost of the service).

It is like charging users for having strong passwords:

"For $5/month extra you can now have 1 additional character in your passwords, (upper and lower case letters allowed for free for a limited time)"

 

Comment
Watch
Like # people like this
3755 views

4 comments

Rodrigo B_
Rodrigo B_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Jun 11, 2018

Hello @Erwan Cosnuau,

Welcome to the community!

Atlassian is not charging for 2FA, all Atlassian accounts can still enable it and use without cost, the feature that is part of the Atlassian Access product is the Enforced Two-Step Authentication, which is additional administrative control to enforce this policy to all Atlassian accounts under your verified domains, you can see more details below:

Documentation regarding 2FA for Atlassian accounts

And documentation regariding Enforced 2FA for Atlassian organizations

Kind regards,

Rodrigo Becker
Atlassian Cloud Support

Like
Erwan Cosnuau
Erwan Cosnuau Jun 11, 2018

Fantastic!

Thanks @Rodrigo B_

I will have a look at disabling Atlassian Access and maintain our 2FA then... we can live without enforcing it automatically :-) good old manual enforcement and psychological pressure will do for our users

I knew this was too bad to be true

Thanks again

Like
Lars Öhlin
Lars Öhlin Nov 14, 2018

Hi,

And that's good and all. But how do I list all users and view if they comply to the manual enforcement. I can't find anywhere to list my users MFA status.

Thanks!

Like # people like this
Reply
Anthony Cunningham
Anthony Cunningham Feb 08, 2019

As per Lars, how can I as an admin see which of my users have 2FA enabled? This is an essential ability. 

Thanks.

Like
Rein van Winden
Rein van Winden May 15, 2019

I am having the same problem as I have a number of users that are not managed accounts so I cannot enforce 2FA. So I want to ask my users to activate and check whether they did. For those who didn't I will revoke their access.

Like
Simon Attrill
Simon Attrill Oct 09, 2019 • edited

2FA is essential to maintain security and it's therefore essential to be able to check that all users are using it!  I also need to check if all our users are using 2FA as it's no longer being automatically enforced.  I can't justify the cost of the Access service just to check if users are using 2FA!


Like
Simon Attrill
Simon Attrill Oct 09, 2019

I have discovered how to check if 2FA is enabled (for users using email domains that you have control over)

1. Add the required TXT record to the email domain see:
https://confluence.atlassian.com/cloud/verify-a-domain-for-your-organization-873871234.html

2.Now visit Directory > Managed Accounts and click on "Show details" for each user.  Under the Security heading you will see if 2FA is enabled for the user.

Like
Lars Öhlin
Lars Öhlin Oct 09, 2019

That works and you dont even have to view each account individually. Just export a csv file of all users and there is a column "Two-step verification enabled" that will give you the consolidated data.

Like
Reply
Iain McLean
Iain McLean Oct 09, 2022

In my opinion, this only shows how far behind and sick Atlassian are, making companies pay to enforce 2FA is just outdated, irresponsible and downright pathetic. Grow Up Atlassian! You are a farce to have this kind of attitude towards security.

Like
Reply
Jens Hassler
Jens Hassler Jun 16, 2023

We just migrated to the cloud (had to, unfortunately) and I wanted to enforce the second factor for all our users because the data we store in this service is very sensitive information. Unfortunately we'd be forced to pay another $160/month to be able to enforce the industry standard that is recommended everywhere from anyone. There is and should be no professional service where this is not possible. More and more companies make it mandatory - for good reasons.

On top of that, I also expected there would be more 2nd factor options including Passkeys support.

But: Nothing. Very disappointing.

Like
Reply

Comment

Log in or Sign up to comment
Identity Manager
Atlassian Access
TAGS
AUG Leaders

Atlassian Community Events

See all events