SecSignID: Atlassian JIRA and Confluence 2 Step Authentication

2017-12-13 6 minutes to read
Tutorial Index

Two Step Authentication

This tutorial describes the differences of two factor authentication and 2 step authentication with examples of the SecSignID Plugins for Atlassian Jira and Confluence

Overview

Overview

While the SecSign ID two-factor authentication offers the highest level of security for your company logins, in some cases an additional two-step authentication may be required or desired. In that case the SecSign ID Two-Factor Authentication can be supplemented with a two-step authentication with a user name and password.

For information about the integration of the SecSign ID Two-Factor Authentication plugin for JIRA, Confluence or other Atlassian services please see our Atlassian Plugin overview.

Questions? Feel free to get in touch with us if you need help setting up your SecSign ID plugin or to request a plugin for a not yet supported environment.

ATLASSIAN OVERVIEWMORE INFORMATION

Differences

IS THERE A DIFFERENCE BETWEEN 2SA AND 2FA?!

While Two-Factor Authentication and Two-Step Authentication may look similar at a first glance, they do have important differences.

Both authentication procedures involve two factors that need to be fulfilled to securely authenticate the user. For classic 2SA, these factors include the user name and password (knowledge) and a code that is sent to the users account. While this login procedure involves two steps of authentication, it does not necessarily define as two-factor authentication because the second factor may be accessed without the actual possession of the device (for example phone).

A true Two-Factor Authentication includes one factor of knowledge (for example the ID) and one factor of either possession (the mobile device) or biometric identification (fingerprint). While one-time-codes generally used for Two-Step Authentication may be intercepted by hackers, that is not possible with true Two-Factor Authentication.

The basic difference between both authentication services is the validity of the possession factor

If it is possible for a hacker to obtain the factor without being in the possession of the device (for example by mirroring the SIM card or knowledge of login data), it is not a true Two-Factor Authentication but a Two-Step Authentication. If it is impossible for the hacker to obtain the possession factor without being in the actual possession of the device (for example SecSign ID), it is a true Two-Factor Authentication.

SecSign ID offers a true Two-Factor Authentication, which can be supplemented with an additional 2SA for your convenience. For the 2FA login with the SecSign ID, the user needs to provide one factor of knowledge (his SecSign ID) and one factor of possession (his mobile device) or biometric identification (fingerprint or FaceID). The SecSign ID 2SA Atlassian extension adds the factor of a user name and password (additional factor of knowledge) to this authentication procedure.

More information about the difference between 2FA and 2SA are summarized on our blog.

DIFFERENCE BETWEEN 2SA AND 2FA
Pre-requirements

Pre-requirements

To activate the 2-step authentication for your JIRA and Confluence users you first need to setup the SecSign ID Atlassian plugin. More information about the plugins and the tutorial on the respective setup are available in our Atlassian overview.

ATLASSIAN OVERVIEW

To activate the feature you also need administrative rights as well as a corresponding SecSign ID that is assigned to your user name.

Limitations

Limitations of Two-Step Authentication

The 2-step authentication option (2SA) allows for an increased security on top of the two-factor authentication. Once the option is activated the user is prompted to provide his user name and password before authenticating with the two-factor authentication. If the user name and password authentication is successful, the user is then automatically promoted to complete the SecSign ID two-factor authentication. Only after both the user name and password and the two-factor authentication are successful the user is logged into the system.

Activating the option is not possible if no administrator has a SecSign ID because the system would be inaccessible for the administrator upon activating the 2SA option. Also, users can not be assigned more than one SecSign ID because a definite assignment of the user to an ID is no longer possible. User without a SecSign ID need to have an ID assigned to by an administrator to be able to login with the 2SA procedure.

Activate

Activate Two-Step Authentication

To activate the SecSign ID Two-Step Authentication for Atlassian services please navigate to Administration – User management. Set the check mark at “Two-Step Authentication” to activate the feature.

Customizations

Customizations

For SecSign ID on-premise customers we offer complete customizations of the Login experience, from the login screen to enrollment and features for both the user and the administrator. Show your corporate identity and increase your brand recognition with your customized ID app. Contact us for more information and a customized offer.
MORE INFORMATION

No Patch Work Solutions:
Two-Factor Authentiacation for all your Atlassian services.

Atlassian

Logo
Secure your Confluence system with SecSign Two-Factor Authentication.
Logo
Secure your Jira system with SecSign Two-Factor Authentication.
Logo
Secure your Crowd system with SecSign Two-Factor Authentication.
Logo
Secure your Bitbucket system with SecSign Two-Factor Authentication.
Logo
Secure your Bamboo system with SecSign Two-Factor Authentication.
Logo
Secure 2FA for Identity Federation with Active Directory.
Logo
All Atlassian Plugins can be secured with our SecSign-SAML-Plugin.
Logo
Secure all interfaces between your Atlassian system and external apps with our OAuth Plugin.
Logo
Secure your REST interfaces with SecSign Two-Factor Authentication.

Why SecSignID?

Die 2FA von SecSign ist die stärkste Zwei-Faktor-Authentifizierung auf dem Markt! Profitieren Sie von unbegrenzten Möglichkeiten der Integration. Für so gut wie jedes Login bietet SecSign eine Absicherung. Auch für komnplizierte Nutzermanagement-Situationen, wie beispielse Nutzer in und außerhalb eines AD hat SecSign unkomplizierte Lösungen parat.

Logo

Inhouse- oder Cloudlösung

Zwei-Faktor-Authentifizierung in der Cloud, oder volle Kontrolle und individuelle Anpasungen durch eine Inhouse Lösung.
Logo

Sichere Authentifizierung

Passwörter sind nicht sicher. Sichern Sie Ihre Logins und somit Ihre Unternehmensdaten mit unserer echten Zwei-Faktor-Authentifizierung ab.
Logo

Schützen Sie ALLE Logins

Integration in sämtliche Loginumgebungen; Web, Lokal, VPN, Remote Desktop, Mobile Logins und Plugins für nahezu alle Umgebungen.
Logo

Einfache Integration

Unsere Plugins lassen sich leicht in Ihre Systeme integrieren und ohne großen Aufwand auch für eine große Nutzerzahl aktivieren.
Logo

Unkompliziertes Nutzermanagement

Schützen Sie Ihr Active/Directory/LDAP mit der Zwei-Faktor-Authentifizierung und erstellen Sie dadruch Ihr individuelles Identitäts- und Zugangsmanagement mit zahlreichen Sicherheitseinstellungen.
Logo

App Integration

Mit unserer Anwendungsfertigen SDK können Sie ganz einfach die Zwei-Faktor-Authentifizierung in bestehende Apps integrieren. Alternativ erstellen wir eine App mit Ihrem Unternehmens Look-and-Feel.

Your own ID-Server

On premise installations of SecSign ID offer the flexibility to connect with your preferred servers, services, and devices. And you can customize the SecSign ID with your own organization’s branding.

Learn More
On Premise 2FA ID

Latest Blog Posts, Updates & Features

SecSign ID Server passed FIDO Certification

We are happy to announce that the SecSign ID server has passed the official FIDO certification program of the FIDO Alliance. This will allow you to use the complete FIDO2/WebAuthn standard for passwordless 2FA sign-ins in your exi ...

Mehr Lesen

Two-Factor Authentication with Fido2 / WebAuth

The FIDO2 Project is a set of standards developed by the FIDO Alliance and the World Wide Web Consortium (W3C) to create a strong authentication protocol for the web. It consist mainly of the WebAuth standard for the browser part ...

Mehr Lesen

Protecting the Home Office VPN with 2FA

In the recent weeks, home office work has increased potentially. And while employees are practicing social distancing from their home computer, attackers are working hard to exploit security issues in this situation that is unfami ...

Mehr Lesen
SecSign 2FA