Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

2-Factor Authentication for Crowd

Dennis Biringer October 2, 2015

I have new security requirements that require two-factor authentication on our Atlassian tools: Crowd, JIRA, Confluence, Stash, and Bamboo. I see that there is a product called "Secure Login via 2-Factor Authentication by SYRACOM that is a plugin for JIRA. Is there something similar to that for Crowd (all of our tools authenticate through Crowd) or does someone know of a different solution.

I find it hard to believe this is not a basic, built-in, capability of Crowd.

Dennis

5 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

3 votes
Anton Storozhuk August 13, 2019

Hi @Dennis Biringer 

You may install free plugin for Crowd Server for your 2FA requirements: https://marketplace.atlassian.com/apps/1220849/2fa-for-crowd-u2f-totp?hosting=server&tab=overview

Plugin supports TOTP (Time-based One-time Password algorithm via mobile authenticators) and U2F devices (Universal 2nd Factor).

Icon Support January 23, 2020

Hi, so will installing this onto Crowd give 2FA capability for all connected applications - Jira, Confluence, Bitbucket ?  So if I sign in to Jira the plugin on the Crowd server will prompt for a 2FA code ?

Anton Storozhuk January 23, 2020

Hi @Icon Support 

Thank you for your question.

It will allow you to use 2FA on Crowd side when you login to Jira or other connected applications. 


To configure this - you need to use Crowd's Authenticator in your connected application.


P.S. At the moment we don't support SSO (will be implemented soon).

Best regards,
Anton

sebastian April 15, 2020

Sorry I don't fully understand.
If I'm logged out of all the apps including Crowd and I login to Bamboo will I get the 2FA popup?
If I get the popup and I input the right code I will be admitted.
What happens if next I go to JIRA? Does 2FA remember I already logged in to Bamboo?
Or will it ask for credentials again?

The way I have it setup right now I login once (be it Bamboo, JIRA, Crowd, Confluence....) and then when I go to the other apps I don't need to login again.
Is this what you are referring to as SSO? (which the plugin does not support for the moment).

Thanks.

Anton Storozhuk April 16, 2020

Hi @Sebastian

Thanks for your question.

Currently 2FA for Crowd: U2F&TOTP plugin supports CAS (central authentication service which is the sso protocol for the web https://en.wikipedia.org/wiki/Central_Authentication_Service ).
There are differences between CAS and Crowd SSO you described.

In your case if you are logged out of all apps including Crowd and you installed 2FA for Crowd you'll get 2FA popup only when you login or enter Crowd instance.

Please let me know if you have further questions.

Regards
Anton

sebastian April 16, 2020

Is there any product or functionality which would allow me to integrate the SSO provided by Crowd with 2FA? (this is for the datacenter version)

Like Titus likes this
Anton Storozhuk April 16, 2020

@sebastian we're working on the solution.

1 vote
Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 21, 2016

There are couple of 2FA add-ons available. But if those plugins will be enabled for JIRA cloud is up to Atlassian.

So for JIRA server, you can check out the benefits of our new 2FA JIRA add-on for two-factor authentication using your SecSign ID.
https://marketplace.atlassian.com/plugins/com.secsign.secsignid/server/overview

For a more detailed installation tutorial visit
https://www.secsign.com/jira-2fa-tutorial/

Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
October 11, 2017
0 votes
mw
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 13, 2018

Hi Christopher,

we published the new Bamboo and Bitbucket 2FA plugins. Now you can activate 2FA with Crowd for your Bamboo and Bitbucket setups as well.

If you want to manage 2FA centrally via Crowd or a user management system connected to Crowd you simply need to install the SecSign ID Crowd and the SecSign ID Bamboo plugin. The configuration setups for Crowd can then be found in the backend of the Bamboo plugin.

Feel free to test the plugins and don't hesitate to let us know about any questions and feedback. We appreciate your input. 

0 votes
Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
November 29, 2017

Hi Dennis,

 

we have recently published a Plugin for 2FA or two factor authentication for Atlassian Crowd.

Have a look at https://marketplace.atlassian.com/plugins/com.secsign.secsign-crowd/server/overview

 

Besides this we offer 2FA plugins for JIRA and Confluence to work with the Crowd instance to map and synchronize the user.

 

SecSign 2FA Add-on for Atlassian JIRA

SecSign 2FA Add-on for Atlassian Confluence

 

Let us know if you need more information about the integration.

Christopher Hopkins
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
January 26, 2018

A quick question on this...if we install the plugin for Crowd would this effectively enable 2FA for a Bamboo instance that was linked to Crowd for user authentication?

Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
January 29, 2018

Hi Christopher,

 

no it would not enable 2FA for Bamboo (or BitBucket). You will need to install a seperate add-on.

Currently we are working on such a Bamboo and Bitbucket add-on to supply 2FA support to these systems.

Also we are working at our Crowd plugin so in the future an admin can administer the two factor authentication centrally in crowd.

 

Titus

0 votes
Amy Hogan March 7, 2016

Dennis, what did you do for this? I have the same issue.

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

TAGS
AUG Leaders

Atlassian Community Events