You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I have new security requirements that require two-factor authentication on our Atlassian tools: Crowd, JIRA, Confluence, Stash, and Bamboo. I see that there is a product called "Secure Login via 2-Factor Authentication by SYRACOM that is a plugin for JIRA. Is there something similar to that for Crowd (all of our tools authenticate through Crowd) or does someone know of a different solution.
I find it hard to believe this is not a basic, built-in, capability of Crowd.
You may install free plugin for Crowd Server for your 2FA requirements: https://marketplace.atlassian.com/apps/1220849/2fa-for-crowd-u2f-totp?hosting=server&tab=overview
Plugin supports TOTP (Time-based One-time Password algorithm via mobile authenticators) and U2F devices (Universal 2nd Factor).
Thank you for your question.
It will allow you to use 2FA on Crowd side when you login to Jira or other connected applications.
To configure this - you need to use Crowd's Authenticator in your connected application.
P.S. At the moment we don't support SSO (will be implemented soon).
Sorry I don't fully understand.
If I'm logged out of all the apps including Crowd and I login to Bamboo will I get the 2FA popup?
If I get the popup and I input the right code I will be admitted.
What happens if next I go to JIRA? Does 2FA remember I already logged in to Bamboo?
Or will it ask for credentials again?
The way I have it setup right now I login once (be it Bamboo, JIRA, Crowd, Confluence....) and then when I go to the other apps I don't need to login again.
Is this what you are referring to as SSO? (which the plugin does not support for the moment).
Thanks for your question.
Currently 2FA for Crowd: U2F&TOTP plugin supports CAS (central authentication service which is the sso protocol for the web https://en.wikipedia.org/wiki/Central_Authentication_Service ).
There are differences between CAS and Crowd SSO you described.
In your case if you are logged out of all apps including Crowd and you installed 2FA for Crowd you'll get 2FA popup only when you login or enter Crowd instance.
Please let me know if you have further questions.
There are couple of 2FA add-ons available. But if those plugins will be enabled for JIRA cloud is up to Atlassian.
So for JIRA server, you can check out the benefits of our new 2FA JIRA add-on for two-factor authentication using your SecSign ID.
For a more detailed installation tutorial visit
Recently SecSign ID published a 2fa plugin for Atlassian Crowd:
A more detailed tutorial could be found at https://www.secsign.com/developers/atlassian/crowd-2-factor-authentication-tutorial/
we published the new Bamboo and Bitbucket 2FA plugins. Now you can activate 2FA with Crowd for your Bamboo and Bitbucket setups as well.
If you want to manage 2FA centrally via Crowd or a user management system connected to Crowd you simply need to install the SecSign ID Crowd and the SecSign ID Bamboo plugin. The configuration setups for Crowd can then be found in the backend of the Bamboo plugin.
Feel free to test the plugins and don't hesitate to let us know about any questions and feedback. We appreciate your input.
we have recently published a Plugin for 2FA or two factor authentication for Atlassian Crowd.
Besides this we offer 2FA plugins for JIRA and Confluence to work with the Crowd instance to map and synchronize the user.
Let us know if you need more information about the integration.
no it would not enable 2FA for Bamboo (or BitBucket). You will need to install a seperate add-on.
Currently we are working on such a Bamboo and Bitbucket add-on to supply 2FA support to these systems.
Also we are working at our Crowd plugin so in the future an admin can administer the two factor authentication centrally in crowd.