Alpha Serve Blog

We publish articles on different topics related to project management, agile methodology and philosophy, software and application development.

Jira 2FA: How to Add Two-Factor Authentication to Jira in 2022

Published: February 02, 2021

Updated: April 26, 2024

Author: Liubov Topchyi

Support Team Lead at Alpha Serve

Jira 2FA: How to Add Two-Factor Authentication to Jira in 2022

Jira is a perfect tool to organize work and manage big projects effectively. However, as it allows to greatly increase the number of collaborators, security threats rise respectively. Fortunately, there is a solution. Learn how to protect your data with Jira 2FA, suitable for your software version.

Here’s what we’ll cover in this blog post:
What is Two-Factor Authentication?
Jira Cloud 2FA With Atlassian Access
Jira Server 2FA With App
Conclusion

Here’s what we’ll cover:

What is Two-Factor Authentication?
Jira Cloud 2FA With Atlassian Access
Jira Server 2FA With App
Conclusion

It is a table of contents. Click on the needed subheading and switch between parts of the article.

What is Two-Factor Authentication?

Two-factor authentication or two-step verification or simply 2FA helps ensure that nobody unauthorized can access the data, as it forces you to enter a code in addition to a password during the login process. Usually, an app, hardware, or text (SMS or email) messages are used for this purpose. Now let’s see how you can add this second layer of protection to Jira.

Jira Cloud 2FA With Atlassian Access

All your team members can switch to two-step verification for their Atlassian account at any time. However, if you prefer to force all of them to enable 2FA, you'd better subscribe to Atlassian Access (especially beneficial if you use multiple Atlassian cloud products). It helps to keep all users and data safeguarded across the platforms and enables centralized administration.

How to Enforce Jira Cloud Two-Factor Authentication

This can be done from the site's Admin account. First, go to admin.atlassian.com, then select Security and Two-step verification. Click Enforce two-step verification. After this procedure, all existing users will be notified by email of how to enforce 2FA. It will also be mandatory for all new users.

How to Stop Enforcing 2FA for Jira Cloud

When 2FA is no longer needed, select Security -> Two-step verification at the Admin account, and click Stop enforcing two-step verification. To stop using the feature, each user will have to disable it at his.her own account. They can also opt to continue using 2FA.

Temporarily Exclude Users From Jira Cloud 2FA

If for any reason you need to temporarily exclude a user from 2FA, navigate to the site's Admin, select Directory > Managed accounts, find respective account and click Show details. Then go to Security > Two-step verification and click Exclude from two-step verification.

Jira Server 2FA With App

The most efficient way to protect your data from leaks if your Jira instance is deployed on your own server is to add a special plugin, for example, 2FA for Jira: U2F & TOTP by Alpha Serve. You can download it directly from the Atlassian Marketplace. Similar security apps are also available for other Atlassian products.

2FA for Jira: U2F & TOTP is the Jira two-factor authentication app that supports both TOTP and U2F, which means you can pick a suitable second factor of verification and change it anytime. It may be either mobile application, such as Google Authenticator, 2STP, Authy, etc., or security key via USB, NFC, and Bluetooth devices like Yubico Yubikey, NitroKey, or Feitian.

2FA for Jira: U2F & TOTP has a bunch of other benefits, such as easy configuration, tracking U2F activity, safe backup codes, IP whitelisting, possibility to require all users or specific groups to enable 2FA, and so on.

How To Install and Enable Jira Server 2FA App

To add the plugin, log into Jira as administrator, select the Atlassian Marketplace in the admin drop-down menu, and find the app you want.

To start using 2FA for Jira, one needs to register an authenticator app and add a U2F device if necessary. For this log in to the plugin as usual and scan a QR code generated by 2FA on the Jira login page with an authenticator app; then enter a verification code generated by the app to the Jira Login page and click Enable 2 factor authentication; click Add Account in the app. After that a new U2F device may be added on the configuration page.

How to Configure 2FA for Jira?

With 2FA for Jira: U2F & TOTP, you may choose who you want to make use the two-factor authentication, configure the TOTP settings, set IP addresses that will pass without a 2FA check, etc. For this go to the Jira Administration tab and select Manage app section. On the left side menu panel you will see 2FA FOR JIRA: U2F & TOTP tab. Choose it and click 2FA Configuration.

How Does 2FA for Jira: U2F & TOTP Work?

After enabling 2FA, a second-factor authentication page will appear each time after entering username and password at login to Jira. You will need to either go to the authentication app, generate validation code and enter it at the Jira Login page, or plug U2F device in, click Submit, and press the button on the device.

Conclusion

Planning and working on projects remotely is common for software teams, however, it usually requires sharing sensitive data via the Internet. To avoid information leakages, online attacks, cross-site scripting and forgery, additional protection is needed. The best way to improve reliability and security for your Atlassian products is to adopt Atlassian Two-Factor Authentication (2FA) solutions. At login, in addition to password, they require entering a random code generated by an app or a U2F device.

Show/add comments