Details
-
Suggestion
-
Resolution: Done
-
None
Description
Hi everyone,
My name is Rak Garg, and I am a product manager at Atlassian. I'm excited to announce that password policy management has been decoupled from Atlassian Access, and is now offered as a core platform feature for no additional cost! To enforce password policies for your users, you'll need to first create (or access) your organization at admin.atlassian.com. From there, follow our instructions to claim a domain.
If you've already taken ownership of a domain, then you can immediately start using password policy management for your managed accounts. Thank you for commenting and interacting with this ticket. It's hugely impactful to us as a product development team to understand how best to serve our customers, and we appreciate your time.
If you have any questions or concerns, please don’t hesitate to email me at rgarg@atlassian.com
Best,
Rak Garg
Atlassian Product Management
According the documentation you must subscribe to Atlassian Access to enforce password policies. https://confluence.atlassian.com/cloud/password-policies-938859739.html
Given the state of cyber-security, strong passwords should be a default platform feature for Jira Cloud and not something only available through an additional subscription.
I understand putting identity provider integration, 2FA, and additional value added password management options behind a subscription (custom expiration, custom rules) given the additional value they provide. Though I do not see why strong passwords (or at least the option for them) is not considered a default platform configuration.
Please let me know if I'm misinformed about the default policy for Jira cloud passwords.