Two Factor Authentication (2FA) for JIRA

Two Factor Authentication (2FA) for the Jira app, gives the ability to enable 2FA for Jira Software and Jira Service-Desk. Jira Software and Jira Service-Desk are compatible with all Authenticator Apps. Here we will go through a guide to configure 2FA between Jira and Mobile Authenticator. By the end of this guide, Jira users should be able to log in and register to Jira Software with the second factor of Authentication.

Pre-requisites

To configure Two-Factor Authentication for Jira, you need the following items:

  • Jira should be installed and configured (supported version Jira Server 7.0.0 - 8.10.0 Jira Data Center 7.0.0 -8.10.0. )
  • Admin credentials are set up in Jira.
  • Valid Jira Server or Data center Licence.

Download And Installation

  • Log into your Jira instance as an admin.
  • Navigate to the settings menu and Click Manage Apps.
  • Click Find new apps or Find new add-ons from the left-hand side of the page.
  • Locate Two-factor Authentication(2FA) for JIRA, Jira 2FA via search.
  • Click Try free to begin a new trial or Buy now to purchase a license for Two-factor Authentication(2FA) for JIRA.
  • Enter your information and click Generate license when redirected to MyAtlassian.
  • Click Apply license.
jira saml sso using adfs

Step 1: Setup miniOrange 2-Factor Authentication

  • Navigate to Two Factor Settings tab.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods settings
  • Enable 2-Factor Authentication: For Enabling 2FA for users click on 'Enable the 2 Factor Authentication' for Jira users & click on Save.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods enable
  • Enable Backup Method: For Enabling the Security Question or Backup Code as Backup Method in case of an emergency login, click on 'Enable Backup Method' and select 'Security Questions'(the User need to configure unique security questions) or 'Backup Code'(add-in will provide a set of one-time passcode)
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods backup methods
  • Allowing 2-Factor Authentication for users: For enabling 2FA for users, navigate to 'User Management' tab, where you can see the list of all the active users, and all 2FA operations can be performed on these active users.

    Note: 2FA for all the users is disabled by default, you need to manually enable 2FA for all the users.

  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods user management
  • 2FA for Users: Enter the name of the user in the Search Bar for whom you want to perform the operation and hit the search button, the user with that name will appear. And then in the Action column, select the required Action.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods for single user
  • 2FA for Groups: Enter the name of the group in the Search Bar for which you want to perform the operation, and hit the search button, the group with that name will appear. And in the Action column, select the required Action.

    Note: In future, if users get added to this group, 2FA will be enabled for them by default.

  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods for single group

Step 2: How the user can Configure the 2FA

  • Welcome Message for users: The following screen will be shown to users after enabling 2FA for a particular user.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods for end user
  • Configure the Mobile Authenticator app: Once the user clicks Next, the Mobile Authenticator setup screen will be shown. Where the user needs to scan the QR code or use the Secret Key and then enter the 6 digit OTP generated on mobile app.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods mobile authentication
  • Configure the Security Question as Backup Method: Once Mobile Authenticator is configured successfully & if the Security Question is activated, the user will see the screen below where the user needs to configure the Security Question based on his knowledge.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods KBA
  • Configure the Backup Code as Backup Method: If the Backup Code is activated as a Backup Method, the user will see the screen below where the user will see the list of one-time passcode.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods backup code

Step 3: Additional Features

  • Mobile Authenticator Settings: Customized label can be given to the Authenticator app. Enter the 'Name' for your authenticator app in the text box.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods authentication settings
  • Remember My Device: It allows the user to ignore the 2FA check when trying to log in from the same device. Enable the checkbox for 'Remember My Device' feature, and in 'Expiry Time (in Days)' section enter the number of days for which the remember my device settings will be saved.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods remember device
  • Brute Force Configuration: It is used for restricting the access to your Jira Application based on the number of Invalid Login Attempts for the specified period of time. For enabling Brute Force Configuration, click on the 'Enable Brute Force Protection for Jira' checkbox, then select the number of invalid login attempts after which user will lock, and the time for which the user will be in a locked state and won't get access to Jira application
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods brute force authentication

Step 4: User Management

  • 2FA for Single User: Enter the name of the user in the Search Bar for whom you want to perform the operation and hit the search button, the user with that name will appear. And then in the Action column, select the required Action.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods enable single user
  • 2FA for Multiple Users: Select the users, in the Bulk 2FA Action drop-down list select the action you want to perform. And then hit Apply Button.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods enable multiple users
  • 2FA for All Users: In Bulk 2FA Action Dropdown list under All users Section select necessary Action and hit Apply Button.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods enable all users
  • 2FA for Single Group: Enter the name of the group in the Search Bar for which you want to perform the operation and hit the search button, the group with that name will appear. And then in the Action column, select the required Action.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods enable single group
  • 2FA for Multiple Groups: Select the Groups, in the Bulk 2FA Action drop-down list select the action you want to perform. And then hit Apply Button.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods enable multiple group
  • 2FA for All Groups: In Bulk 2FA Action Dropdown list under All groups Section select necessary Action and hit Apply Button.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods enable all group

Step 5: IP Restrictions

  • IP Whitelisting: It is a security feature that is often used for trusted users who can directly log into Jira without asking for 2FA. Enter the IP address and click save for enabling the IP whitelisting
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods IP whitelisting
  • IP Blocking: It is a basic access control mechanism that blocks access to Jira Application based on the IP address. It will deny access for those IPs which are listed here. Enter the IP address in the text box for IP blocking. The message for this blocked users can be customized, enter the message in the 'Blocked User Message' text box and click on save button.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods IP blocking

Step 6: Reconfigure 2FA

  • Reconfigure 2FA: For reconfiguring 2FA for end-user, navigate to User Profile click on Two-factor Authentication, you can see the Configure Two Factor(2FA) window, now click on Reset button to Reconfigure the Authenticator or Backup method.
  • Setup Two Factor (2FA / MFA) Authentication for Jira using OTP, KBA, TOTP methods user profile


Our Other Apps: SAML SSO Apps | OAuth Apps | 2FA Apps | Crowd Apps | REST API Apps |
                             Bitbucket Git Authentication App | Kerberos/NTLM Apps | User Sync Apps

If you are looking for anything which you cannot find, please drop us an email on info@xecurify.com