Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

2-Factor Authentication for Crowd

Dennis Biringer
Dennis Biringer October 2, 2015

I have new security requirements that require two-factor authentication on our Atlassian tools: Crowd, JIRA, Confluence, Stash, and Bamboo. I see that there is a product called "Secure Login via 2-Factor Authentication by SYRACOM that is a plugin for JIRA. Is there something similar to that for Crowd (all of our tools authenticate through Crowd) or does someone know of a different solution.

I find it hard to believe this is not a basic, built-in, capability of Crowd.

Dennis

Watch
Like Charlie Misonne likes this
6444 views

5 answers

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

3 votes
Anton Storozhuk
Anton Storozhuk August 13, 2019

Hi @Dennis Biringer 

You may install free plugin for Crowd Server for your 2FA requirements: https://marketplace.atlassian.com/apps/1220849/2fa-for-crowd-u2f-totp?hosting=server&tab=overview

Plugin supports TOTP (Time-based One-time Password algorithm via mobile authenticators) and U2F devices (Universal 2nd Factor).

View More Comments
Icon Support
Icon Support January 23, 2020

Hi, so will installing this onto Crowd give 2FA capability for all connected applications - Jira, Confluence, Bitbucket ?  So if I sign in to Jira the plugin on the Crowd server will prompt for a 2FA code ?

Like
Anton Storozhuk
Anton Storozhuk January 23, 2020

Hi @Icon Support 

Thank you for your question.

It will allow you to use 2FA on Crowd side when you login to Jira or other connected applications. 


To configure this - you need to use Crowd's Authenticator in your connected application.


P.S. At the moment we don't support SSO (will be implemented soon).

Best regards,
Anton

Like
sebastian
sebastian April 15, 2020

Sorry I don't fully understand.
If I'm logged out of all the apps including Crowd and I login to Bamboo will I get the 2FA popup?
If I get the popup and I input the right code I will be admitted.
What happens if next I go to JIRA? Does 2FA remember I already logged in to Bamboo?
Or will it ask for credentials again?

The way I have it setup right now I login once (be it Bamboo, JIRA, Crowd, Confluence....) and then when I go to the other apps I don't need to login again.
Is this what you are referring to as SSO? (which the plugin does not support for the moment).

Thanks.

Like
Anton Storozhuk
Anton Storozhuk April 16, 2020

Hi @Sebastian

Thanks for your question.

Currently 2FA for Crowd: U2F&TOTP plugin supports CAS (central authentication service which is the sso protocol for the web https://en.wikipedia.org/wiki/Central_Authentication_Service ).
There are differences between CAS and Crowd SSO you described.

In your case if you are logged out of all apps including Crowd and you installed 2FA for Crowd you'll get 2FA popup only when you login or enter Crowd instance.

Please let me know if you have further questions.

Regards
Anton

Like
sebastian
sebastian April 16, 2020

Is there any product or functionality which would allow me to integrate the SSO provided by Crowd with 2FA? (this is for the datacenter version)

Like Titus likes this
Anton Storozhuk
Anton Storozhuk April 16, 2020

@sebastian we're working on the solution.

Like
Reply
1 vote
Titus
Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 21, 2016

There are couple of 2FA add-ons available. But if those plugins will be enabled for JIRA cloud is up to Atlassian.

So for JIRA server, you can check out the benefits of our new 2FA JIRA add-on for two-factor authentication using your SecSign ID.
https://marketplace.atlassian.com/plugins/com.secsign.secsignid/server/overview

For a more detailed installation tutorial visit
https://www.secsign.com/jira-2fa-tutorial/

View More Comments
Titus
Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 11, 2017

Recently SecSign ID published a 2fa plugin for Atlassian Crowd:

https://marketplace.atlassian.com/plugins/com.secsign.secsign-crowd/server/overview

A more detailed tutorial could be found at https://www.secsign.com/developers/atlassian/crowd-2-factor-authentication-tutorial/

Like
Reply
0 votes
mw
mw April 13, 2018

Hi Christopher,

we published the new Bamboo and Bitbucket 2FA plugins. Now you can activate 2FA with Crowd for your Bamboo and Bitbucket setups as well.

If you want to manage 2FA centrally via Crowd or a user management system connected to Crowd you simply need to install the SecSign ID Crowd and the SecSign ID Bamboo plugin. The configuration setups for Crowd can then be found in the backend of the Bamboo plugin.

Feel free to test the plugins and don't hesitate to let us know about any questions and feedback. We appreciate your input. 

Reply
0 votes
Titus
Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 29, 2017

Hi Dennis,

 

we have recently published a Plugin for 2FA or two factor authentication for Atlassian Crowd.

Have a look at https://marketplace.atlassian.com/plugins/com.secsign.secsign-crowd/server/overview

 

Besides this we offer 2FA plugins for JIRA and Confluence to work with the Crowd instance to map and synchronize the user.

 

SecSign 2FA Add-on for Atlassian JIRA

SecSign 2FA Add-on for Atlassian Confluence

 

Let us know if you need more information about the integration.

View More Comments
Christopher Hopkins
Christopher Hopkins January 26, 2018

A quick question on this...if we install the plugin for Crowd would this effectively enable 2FA for a Bamboo instance that was linked to Crowd for user authentication?

Like
Titus
Titus
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 29, 2018

Hi Christopher,

 

no it would not enable 2FA for Bamboo (or BitBucket). You will need to install a seperate add-on.

Currently we are working on such a Bamboo and Bitbucket add-on to supply 2FA support to these systems.

Also we are working at our Crowd plugin so in the future an admin can administer the two factor authentication centrally in crowd.

 

Titus

Like
Reply
0 votes
Amy Hogan
Amy Hogan March 7, 2016

Dennis, what did you do for this? I have the same issue.

Reply

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events