Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-24322

Two Factor authorization, like Gmail has, to Confluence


    • 6
    • 33
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Atlassian Update – 26 April 2024

      Hi everyone,

      We’re working on improving the security of our login experience for Confluence by allowing customers to add a second authentication layer.

      The new login process will support a built-in two-step verification (2SV) capability using time-based one-time password (TOTP) as a second factor.

      We’re happy to announce that we’re launching an Early Access Program (EAP) to seek feedback for the prototype of this solution and invite you to take part in this.

      See the recent Atlassian developer changelog entry for updates, useful links and videos.

      Kind regards,

      Jacqueline Bietz
      Product Manager
      Confluence Data Center

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      Problem definition

      Security of Confluence content is very important for many of our customers and securing the login action is the first step to ensure valid authentication to protect confidential information. Currently, Confluence offers only email/username password combination is available.

      Suggested Solution

      Two factors authentication can be adopted to add more security to Confluence login action.
      Many solutions are available, like Gmail approach for two factor:

      • SMS based, no new hardware needed
      • Can authorize a browser for up to 30 days from a single two factors auth (e.g. only pw is needed for 30 days, and on day 31 you have to do the whole two factors dance)
      • Gmails approach is a nice combination of security and ease of use but others are available too.

      Plugins as workaround

      There is 2 plugin offering this features

      1. 2-Factor Auth Secure Login - Confluence
      2. Duo for Confluence.

            3de8ace38af0 Jacqueline Bietz
            3135197820ab rafael zimberoff
            145 Vote for this issue
            120 Start watching this issue