Hello there!

Need Help? We are right here!

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Your Contact E-mail

What are you looking for

How can we help you?

Overview

Introduction to miniOrange Two Factor Authentication (2FA) Add-on

The miniOrange Two-Factor Authentication (2FA) App provides an extra layer of security for Jira Software and Jira Service Management. By implementing 2FA, organizations can ensure that users not only need their passwords but also a second authentication factor to access their accounts.

This additional step significantly enhances security, protecting against unauthorized access even if login credentials are compromised.

Benefits

Enhanced Security: Adds an extra layer of protection by requiring a second form of verification.
Reduced Risk of Unauthorized Access: Protects against compromised passwords and potential brute force attacks.
Flexibility: Supports a variety of 2FA methods including OTP, security questions, hardware tokens, and more.
User Convenience: Offers options for backup methods and remember device features to streamline user access while maintaining security.
Compliance: Helps meet security requirements and standards for organizations needing robust authentication practices.

Key Features

Multiple Authentication Methods: To ensure robust security, our add-on supports various authentication methods:
- TOTP via Mobile Authenticator App: Generate secure, time-based one-time passwords (OTPs) using your mobile device.
- Yubikey Hardware Token (U2F): Use a physical Yubikey for a quick and secure authentication process.
- OTP via Email: Receive a one-time password sent directly to your registered email address.
- OTP via SMS: Obtain a one-time password sent to your mobile phone via SMS.
- Security Question and Backup Method: Answer security questions or use alternative backup methods for additional security.
Enforcement Flexibility: Administrators can configure 2FA settings to meet their security needs:
- User-Specific: Enforce 2FA on a per-user basis.
- Group-Based: Apply 2FA requirements to specific user groups.
- IP-Based: Implement 2FA based on users' IP addresses.

Additional Security Features

Our 2FA add-on offers several advanced features to enhance your security:

IP-Based Restriction: Limit access based on IP addresses to ensure only authorized users can authenticate.
Multiple Backup Methods: Utilize various backup options to recover access if needed.
Audit Logs: Track and review authentication attempts and activities for increased transparency.
Protection Against Brute Force Attacks: Safeguard against repeated login attempts and unauthorized access.
Customizable End-User Templates: Personalize templates for end-user communication and instructions.
Remember My Device: Allows users to skip the 2FA check when logging in from the same device for a specified duration, enhancing user convenience.
One-Time 2FA Validation in Crowd Applications: Lets users skip 2FA in other Crowd-connected applications after successful validation in one, streamlining the authentication process.
24/7 Support: Receive dedicated support from our expert team anytime.

Pre-requisites

Before setting up the miniOrange 2FA App, ensure the following requirements are met:

Atlassian Tools Installation:

Jira: Ensure Jira is installed and properly configured.
Confluence: Ensure Confluence is installed and properly configured.
Bamboo: Ensure Bamboo is installed and properly configured.
Bitbucket: Ensure Bitbucket is installed and properly configured.
Crowd: Ensure Crowd is installed and properly configured.

Supported Versions:

Jira Server/Data Center: 7.0.0 or higher.
Confluence Server/Data Center: 7.0.0 or higher.
Bamboo Server/Data Center: 7.0.0 or higher.
Bitbucket Server/Data Center: 7.0.0 or higher.
Crowd Server/Data Center: 3.0.0 or higher.

Admin Credentials: Ensure you have administrative credentials for the respective Atlassian tool(s) to configure and apply 2FA settings.

Licensing:

A valid license for the respective Atlassian tool(s).
A license for the miniOrange 2FA App.

SSL Configuration: Ensure SSL is configured for secure communication, especially for methods like Yubikey and Web Authentication.

SMS Gateway Configuration: Ensure a configured gateway to send end-users the OTP required for 2FA if their method is OTP over SMS.

Email Server Configuration: Ensure a configured server to send end-users emails with the OTP required for 2FA if their method is OTP over Email.

Connectivity:

Internet Access: Required for accessing and configuring the miniOrange 2FA App and for any external 2FA methods like SMS or email.
Integration Access: Required for integrating with third-party services like Duo for push notifications.