Require two factor authentication support for On Demand authentication

When will On Demand support two factor authentication? Simple login/password security on world-accessible web sites just doesn't cut it these days.

There is a non-proprietary, open standard for two-factor authentication. It's called RFC 4226. This is the same standard that Google uses for Gmail and that is implemented by the Google Authenticator smartphone app and others.

The algorithm, based on SHA-1, is easy to implement, and key management and distribution is easy as well.

Atlassian needs to get on the bandwagon before something really damaging and embarassing happens.

6 answers

1 accepted

0 votes
Accepted answer

Hi, there is an open issue in Crowd for it. It will be implemented in Crowd. Please vote for it https://jira.atlassian.com/browse/CWD-677.

Otherwise, if you are looking for a hosted Atlassian solution outside of OnDemand with two factor authentication, we've done this before for customers using an Apache Module. If you are interested, contact us at sales@queryfoundry.com.

Ping. Can i use two factor auth for JIRA cloud?

Have a look at the link Harry posted in the original correct answer.

0 votes

Two factor is usually very poorly implemented, or just misunderstood. I'm hoping that if Atlassian do something like it, they do it properly. Quite difficult given that there aren't many good examples around.

Any idea if this is ever going to happen ? I totally agree with Archie, it's crazy you guys don't support this

Follow up comments are probably better posted into Jira - once Atlassian have a specific issue for it, it won't get much attention on Answers (See and follow Henry's link to the request)

I'm tired of waiting for Atlassian. I will provide an Atlassian managed cloud for you to get two-factor authentication and IP restrictions. If you are open to this idea, let me know here: http://smsworkflow.com/site/managed-cloud-interest/

Desperately seeking 2-factor authentication. This could be a deal breaker if it really is NOT on the roadmap or available soon.

Forgot to add, I use Google Authenticator already for other projects. Be nice if I could use it here.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 27, 2018 in Portfolio for Jira

Introducing a new planning experience in Portfolio for Jira (Server/DC)

In the past, Portfolio for Jira required a high degree of detail–foresight that was unrealistic for many businesses to   have–in   order to produce a reliable long-term roadmap. We're tur...

2,938 views 19 22
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you