It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Forced to pay to have two-factor authentication?

Got a "Identity Manager is now Atlassian Access " email from Atlassian.

It made me grumpy ...

We are using JIRA in our company and I did activate the Identity Manager some time ago so we could protect our access with 2FA Two Factor Authentication. (if I remember correctly)

Now it seems that this is now an out-of-beta service that will be billed $30 per month from August. Am I missing something or Atlassian is charging to have 2FA now ? Anyway around it ?

This seems unbelievable for such an essential and basic feature for an online service... and frankly we will not afford $30 for this (ie doubling the cost of the service).

It is like charging users for having strong passwords:

"For $5/month extra you can now have 1 additional character in your passwords, (upper and lower case letters allowed for free for a limited time)"



Rodrigo_B Atlassian Team Jun 11, 2018

Hello @Erwan Cosnuau,

Welcome to the community!

Atlassian is not charging for 2FA, all Atlassian accounts can still enable it and use without cost, the feature that is part of the Atlassian Access product is the Enforced Two-Step Authentication, which is additional administrative control to enforce this policy to all Atlassian accounts under your verified domains, you can see more details below:

Documentation regarding 2FA for Atlassian accounts

And documentation regariding Enforced 2FA for Atlassian organizations

Kind regards,

Rodrigo Becker
Atlassian Cloud Support


Thanks @Rodrigo_B

I will have a look at disabling Atlassian Access and maintain our 2FA then... we can live without enforcing it automatically :-) good old manual enforcement and psychological pressure will do for our users

I knew this was too bad to be true

Thanks again


And that's good and all. But how do I list all users and view if they comply to the manual enforcement. I can't find anywhere to list my users MFA status.


Like Simon Attrill likes this

As per Lars, how can I as an admin see which of my users have 2FA enabled? This is an essential ability. 


I am having the same problem as I have a number of users that are not managed accounts so I cannot enforce 2FA. So I want to ask my users to activate and check whether they did. For those who didn't I will revoke their access.

2FA is essential to maintain security and it's therefore essential to be able to check that all users are using it!  I also need to check if all our users are using 2FA as it's no longer being automatically enforced.  I can't justify the cost of the Access service just to check if users are using 2FA!

I have discovered how to check if 2FA is enabled (for users using email domains that you have control over)

1. Add the required TXT record to the email domain see:

2.Now visit Directory > Managed Accounts and click on "Show details" for each user.  Under the Security heading you will see if 2FA is enabled for the user.

That works and you dont even have to view each account individually. Just export a csv file of all users and there is a column "Two-step verification enabled" that will give you the consolidated data.


Log in or Sign up to comment
Community showcase
Published in Atlassian Access

We're launching improved navigation for admins

Hi Atlassian Community, My name is Avni Barman and I am a Product Manager on the Atlassian Access team! One of my top priorities is to help make the administrator's life easier through improved pro...

149 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you