Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

What is the Maximum Authentication Attempts Allowed for JIRA Cloud Version

Kathi Paquet
Kathi Paquet
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 15, 2017

I am trying to see if JIRA Cloud has a maximum # of login attempts for I need to complete my security assessment.

Answer
Watch
Like Be the first to like this
1019 views

2 answers

0 votes
Kathi Paquet
Kathi Paquet
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 16, 2017

Thanks!  Can you point me to the information/documentation around the user ids for the Cloud?  I need to also capture the password (length, complexity, etc.)

Thanks again!

View More Comments
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 16, 2017

Hi Kathi,

The password policy for Atlassian ID is only that it needs to be between 8 and 100 characters long. This and the maximum login attempts are not documented on our site, but I was able to verify them by testing.

We will be rolling out our new Identity Manager for Cloud within the next few weeks, and once it's implemented on your instance, you'll be able to create an organization and control your own password policies for any managed domains that you have claimed.

For more information on the usage of the current setup, Atlassian Account, review the following:

If you want full control, however, I would definitely look into setting up SAML for your instance from the article I sent you earlier. Do let me know if you have any questions about that!

Kind Regards,
Shannon

Like
Reply
0 votes
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 16, 2017

Hi Kathi,

Using Atlassian ID login on Cloud will allow a user to attempt a login 10 times. On the 11th time, it will ask the user to complete a Google Captcha.

There is no "lockout" per se, and the user will continue to be asked for the Captcha until there is a successful login.

If attempting via API it will lock them out once the 11th try is reached, and then they will need to attempt to login normally from a browser to reset it.

Lastly, I have created a feature request below to be able to set maximum attempts for any users who have managed domains:

Please feel free to vote on this if you would be interested in such a feature.

One thing to note, if you decide to implement SAML on your instance, or use GSuite or login via Google, the policies on those providers will be enforced instead.

I hope this helps.

Kind Regards,
Shannon

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events