Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
all
-
6
-
33
-
Description
Hi everyone,
We’re working on improving the security of our login experience for Confluence by allowing customers to add a second authentication layer.
The new login process will support a built-in two-step verification (2SV) capability using time-based one-time password (TOTP) as a second factor.
We’re happy to announce that we’re launching an Early Access Program (EAP) to seek feedback for the prototype of this solution and invite you to take part in this.
See the recent Atlassian developer changelog entry for updates, useful links and videos.
Kind regards,
Jacqueline Bietz
Product Manager
Confluence Data Center
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.
Problem definition
Security of Confluence content is very important for many of our customers and securing the login action is the first step to ensure valid authentication to protect confidential information. Currently, Confluence offers only email/username password combination is available.
Suggested Solution
Two factors authentication can be adopted to add more security to Confluence login action.
Many solutions are available, like Gmail approach for two factor:
- SMS based, no new hardware needed
- Can authorize a browser for up to 30 days from a single two factors auth (e.g. only pw is needed for 30 days, and on day 31 you have to do the whole two factors dance)
- Gmails approach is a nice combination of security and ease of use but others are available too.
Plugins as workaround
There is 2 plugin offering this features
Attachments
Issue Links
- is related to
-
- Under Consideration
- relates to
-
- In Progress
-
- Closed
- mentioned in
-
Page Loading...
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
