I have new security requirements that require two-factor authentication on our Atlassian tools: Crowd, JIRA, Confluence, Stash, and Bamboo. I see that there is a product called "Secure Login via 2-Factor Authentication by SYRACOM that is a plugin for JIRA. Is there something similar to that for Crowd (all of our tools authenticate through Crowd) or does someone know of a different solution.
I find it hard to believe this is not a basic, built-in, capability of Crowd.
Dennis
Community moderators have prevented the ability to post new answers.
You may install free plugin for Crowd Server for your 2FA requirements: https://marketplace.atlassian.com/apps/1220849/2fa-for-crowd-u2f-totp?hosting=server&tab=overview
Plugin supports TOTP (Time-based One-time Password algorithm via mobile authenticators) and U2F devices (Universal 2nd Factor).
Hi, so will installing this onto Crowd give 2FA capability for all connected applications - Jira, Confluence, Bitbucket ? So if I sign in to Jira the plugin on the Crowd server will prompt for a 2FA code ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you for your question.
It will allow you to use 2FA on Crowd side when you login to Jira or other connected applications.
To configure this - you need to use Crowd's Authenticator in your connected application.
P.S. At the moment we don't support SSO (will be implemented soon).
Best regards,
Anton
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sorry I don't fully understand.
If I'm logged out of all the apps including Crowd and I login to Bamboo will I get the 2FA popup?
If I get the popup and I input the right code I will be admitted.
What happens if next I go to JIRA? Does 2FA remember I already logged in to Bamboo?
Or will it ask for credentials again?
The way I have it setup right now I login once (be it Bamboo, JIRA, Crowd, Confluence....) and then when I go to the other apps I don't need to login again.
Is this what you are referring to as SSO? (which the plugin does not support for the moment).
Thanks.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Sebastian
Thanks for your question.
Currently 2FA for Crowd: U2F&TOTP plugin supports CAS (central authentication service which is the sso protocol for the web https://en.wikipedia.org/wiki/Central_Authentication_Service ).
There are differences between CAS and Crowd SSO you described.
In your case if you are logged out of all apps including Crowd and you installed 2FA for Crowd you'll get 2FA popup only when you login or enter Crowd instance.
Please let me know if you have further questions.
Regards
Anton
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Is there any product or functionality which would allow me to integrate the SSO provided by Crowd with 2FA? (this is for the datacenter version)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
There are couple of 2FA add-ons available. But if those plugins will be enabled for JIRA cloud is up to Atlassian.
So for JIRA server, you can check out the benefits of our new 2FA JIRA add-on for two-factor authentication using your SecSign ID.
https://marketplace.atlassian.com/plugins/com.secsign.secsignid/server/overview
For a more detailed installation tutorial visit
https://www.secsign.com/jira-2fa-tutorial/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Recently SecSign ID published a 2fa plugin for Atlassian Crowd:
https://marketplace.atlassian.com/plugins/com.secsign.secsign-crowd/server/overview
A more detailed tutorial could be found at https://www.secsign.com/developers/atlassian/crowd-2-factor-authentication-tutorial/
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Christopher,
we published the new Bamboo and Bitbucket 2FA plugins. Now you can activate 2FA with Crowd for your Bamboo and Bitbucket setups as well.
If you want to manage 2FA centrally via Crowd or a user management system connected to Crowd you simply need to install the SecSign ID Crowd and the SecSign ID Bamboo plugin. The configuration setups for Crowd can then be found in the backend of the Bamboo plugin.
Feel free to test the plugins and don't hesitate to let us know about any questions and feedback. We appreciate your input.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Dennis,
we have recently published a Plugin for 2FA or two factor authentication for Atlassian Crowd.
Have a look at https://marketplace.atlassian.com/plugins/com.secsign.secsign-crowd/server/overview
Besides this we offer 2FA plugins for JIRA and Confluence to work with the Crowd instance to map and synchronize the user.
SecSign 2FA Add-on for Atlassian JIRA
SecSign 2FA Add-on for Atlassian Confluence
Let us know if you need more information about the integration.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
A quick question on this...if we install the plugin for Crowd would this effectively enable 2FA for a Bamboo instance that was linked to Crowd for user authentication?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Christopher,
no it would not enable 2FA for Bamboo (or BitBucket). You will need to install a seperate add-on.
Currently we are working on such a Bamboo and Bitbucket add-on to supply 2FA support to these systems.
Also we are working at our Crowd plugin so in the future an admin can administer the two factor authentication centrally in crowd.
Titus
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Community moderators have prevented the ability to post new answers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.