Addressed with Crowd 6.2.0.

Any update on this? Disabling MFA in Entra ID is not an option these days. Are there any workaround to use Entra ID with enforced MFA?

Hello Team Atlassian Crowd,

what is the current status of implementing 2FA in Crowd?
Did the topic make it onto your roadmap? If so, when can we expect this feature?
We also need to plan and would like to include this in our roadmap as well..

Hi all,

Thank you so much for your votes and comments on this feature.

We are doing further research on this topic and would love to invite you to take part in an upcoming customer research study! We're looking to speak to Crowd's administrators about the authentication security requirements.

What’s involved in the research:

• Sessions are [1 hour] and conducted over video conference, so you can participate from anywhere around the globe.

• During the research, we'll start with a general chat to get to know you. Then we would like to discuss what authentication methods you use and how you've set them up for Atlassian Data Center products.

• As a token of our appreciation, you'll receive an e-gift card worth $100 USD within 5 business days of completing your session.

Interested in taking part? Follow this link https://www.userinterviews.com/projects/shUftr4lEw/apply to fill in a few more details so we can make sure you’re a good fit.

If you have any other questions at all, feel free to reply to this message or email me directly on mmiodek@atlassian.com. We look forward to meeting you!

Cheers,

Mateusz Miodek

Product Manager, Atlassian DC User Management Team

https://getsupport.atlassian.com/browse/PSSRV-53290

Hi Atlassian,

I am slightly confused here

We are looking to implement Crowd DC on AWS and link it to Azure AD which already has 2FA in place.

Your instructions here https://confluence.atlassian.com/crowd/configuring-azure-active-directory-935372375.html say 

• Crowd doesn't support multi-factor authentication. You'll need to disable it for your users in Azure AD, or they will not be able to log in to Crowd or any integrated applications. 

So essentially your are saying that to integrate Crowd to Azure AD I need to ask my Organisations InfoSec team to turn of 2FA for Azure AD  - which i am sure is not going to happen.

Am i missing something here ? 

Very disappointed at the lack of attention.  If you say you are going to provide an update, you should do so.  On time.

502 votes, 323 watchers. A promise for an update in 2021 Q2. I still come back and look at this ticket regularly.

We agree, Atlassian not offering the regular on-premise server is impractical, to say at least. But, there is an option to secure the Datacenter setup.
You can secure your Crowd and all connected services with the SecSign ID on-premise server. 2FA can be implemented with the SecSign ID 2FA iOS, Android and Desktop apps, FIDO, Mail OTP or hardware token. You can also integrate the 2FA directly with the individual services, for example Confluence. With the SecSign ID solution you have the best flexibility and the best security all with one solution. Plus, you keep control over your authentication data. Send us a message at sales@secsign.com for any questions. Cheers!

Meanwhile Q2 of 2021 has passed and nothing new has happened. This does not give me much confidence in the declaration of Atlassian that they will continue investing in their data-center products (or at least not in Crowd). This request has been open since 2007 and no action has been taken on this except asking for our patience. 

With teams being working from home due to covid restrictions it seems that Atlassian is not longer interested in providing a secure solution to its customers who cannot move to Cloud due to all kinds of restrictions...