Confluence doesn't have that built-in - the closest it has is "captcha" which you should be able to enable in the user configuration, and is only used for account creation and repeated failed logins.
If you feel the need to add this for every login (please, don't - it frustrates valid users and adds no security), you will need to code for it.
I agree, captchas are just friction not real security. Google "jira two factor authentication" and start somewhere such as https://answers.atlassian.com/questions/242660/2-factor-authentication-for-jira for a better direction
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG