Alpha Serve Blog
We publish articles on different topics related to project management, agile methodology and philosophy, software and application development.

University Use Case of the 2FA: U2F TOTP Security Plugins for Jira and Confluence

Published: November 18, 2020

Updated: April 26, 2024

Chief Strategy Officer in Alpha Serve
Jira 2FA: How to Add Two-Factor Authentication to Jira in 2022
The aim of this article is to show what kind of benefits educational institutions can reap from using the Jira & Confluence 2-factor authentication plugins and what kinds of issues they can resolve with its help. In addition to colleges and universities, this plugins will be helpful for all kinds of other establishments and businesses that use Jira or Confluence (or both) and seek to improve their network security and overall smoothness.

This is an example of a real university that chose to remain anonymous. Their goal was to increase the level of security for their workflow and project management.

It is a table of contents. Click on the needed subheading and switch between parts of the article.

What is Two-Factor Authentication?

A Little Backstory

  • The university uses Jira, Jira Service Desk, and confluence for their internal operations.
  • While they don’t keep overly sensitive information in their network, the documentation that they have in there should only be accessed by authorized personnel.
  • Before making the decision to install the 2FA plugins for their systems, the only way to access them was from their local on-campus networks or VPNs. No automatic sign-ups or anonymous logins were permitted.

Security Issues Resolved by Jira & Confluence Two-Factor Authentication (2FA)

  • At some point, the university staff decided that allowing only on-campus access through their local network is not ideal for what they are trying to achieve. Their primary remote users would be their engineers and authorized contractors that require access to the network and the tasks are given out to them.
  • They wanted to add an extra layer of security to Confluence and Jira remote login attempts without having to use proprietary devices or applications. An IP whitelist was also created so that the users wouldn’t have to go through an extra step while logging in. Another one of their requirements was the ability to receive API calls from services such as OpsGenie or ServiceNow, which are cloud-based.
  • All of their Atlassian instances aren’t linked with a central university SSO service that covers all of the applications, so they required a special solution developed specifically for Atlassian products.
  • Since their applications would now be accessible from the Internet, the university also required a way to monitor and review login attempts.

The Results of using Jira & Confluence 2FA plugins

  • The client first downloaded 2FA for Jira and 2FA for Confluence plugins for a free trial period. They regularly sent us their feedback, which we took note of and improved the product, catering to their needs even more.
  • The time it took from the initial download to the actual purchase was five months in this case.
  • After a long period of testing, evaluating, and improving, the university purchased the 2FA plugins for both Jira and Confluence, as they felt it was the perfect solution for their situation and issues.
Check our products here: Alpha Serve on Atlassian Marketplace.
Read about WebAuthn for Jira & Confluence here.

Related Topics

Latest from Alpha Serve