Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Two-Step Authentication via Google Auth/Authy/FreeOTP for Confluence Server

adrianoatl
adrianoatl
Contributor
May 8, 2019

I have not been able to find how to add or enable 2FA/two-step authentication for extra security via apps such as Google Auth, Authy, FreeOTP, etc., while keeping the username/password to log into Confluence Server. Is there such an option out there yet?

  • UPDATE: Duo offers a solution for that, but it seems overly complicated for what it should do I reckon, and relies on an external website, which may increase the risk of being locked out: https://duo.com/docs/confluence

Any other solutions?

Answer
Watch
Like Stephen Richards likes this
1567 views

4 answers

2 accepted

2 votes
Answer accepted
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 13, 2019

If you need a 2FA for Confluence Server why don't you just search for 2FA on marketplace?

https://marketplace.atlassian.com/search?query=2fa

I've been lead to this question only because someone mentioned SSO and we are a vendor of EasySSO that integrates with SecureLogin 2FA for Confluence and I can attest that it (the 2FA plugin) works very well.

Certainly if you want to add the complexity of SAML SSO - you can look at any on the SAML plugins, but why bother?

View More Comments
adrianoatl
adrianoatl
Contributor
May 13, 2019

Thanks, Ed, I'll have a look at EasySSO, which indeed does look interesting.

Like Ed Letifov _TechTime - New Zealand_ likes this
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 13, 2019

Well thanks, but the main point was - if you need 2FA, look at 2FA apps. SecureLogin is the 2FA app. EasySSO is just a 5-in-1 SSO solution that supports NTLM, Kerberos, SAML, X.509 and headers-based authenticators and integrates with SecureLogin.

Like
adrianoatl
adrianoatl
Contributor
May 13, 2019

Most definitely, I got that. I'm looking at Secure Login right now, which looks simple enough for our current needs. However, I'm also looking at EasySSO for further expansion and needs.

Like
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 13, 2019

OK great. As Gold Solution Partner in New Zealand we are running 24x7 support - so if you have a question about EasySSO, please do reach to us, and we will make it work for you!

Like
adrianoatl
adrianoatl
Contributor
May 14, 2019

Thanks Ed, will do.

Like
Reply
1 vote
Answer accepted
Stephen Sifers
Stephen Sifers
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 13, 2019

Hello Adriano,

If you’re not wanting to have to deal with additional factors for Authentication then your best option for using a simplified MFA to access Confluence would be to use SAML with SSO. SAML with SSO will allow your users to authenticate prior to accessing Confluence and MFA is completed at the SSO portal prior to the application. There are a few solutions which add SAML to Confluence via marketplace app along with the option for using Crowd | Atlassian. You may find a preset search for SAML at Atlassian Marketplace | SAML.

Additional resources which may prove helpful are as follows:

I hope this proves helpful and you’re able to start protecting your Confluence instance with MFA.

Regards,
Stephen Sifers

View More Comments
adrianoatl
adrianoatl
Contributor
May 13, 2019

Thanks, Stephen, your input is much appreciated.

Like Ed Letifov _TechTime - New Zealand_ likes this
Reply
0 votes
Vikas Nare
Vikas Nare February 18, 2021

For Confluence Server & Datacenter, you can also refer to the miniOrange Confluence 2FA/MFA addon which provides a rich set of 2FA methods, such as TOTP applications(Mobile Authenticator), OTP Over Email, Security Questions, Backup Code.

It supports Mobile Authenticator applications like Google authenticators, Authy authenticators, Duo authenticators, Microsoft authenticators, Symantec VIP & so on.

Note:- Plugin is also compatible with all SSO addons.

Thanks,
Vikas

PS: I work for miniOrange one of the top SSO & 2FA/MFA vendors in the Atlassian Marketplace. Feel free to reach out to miniOrange Support in case of any questions or need assistance with the plugin configuration.

Reply
0 votes
adrianoatl
adrianoatl
Contributor
May 14, 2019

I've finally settled for 2FA / U2F Secure Login for Confluence. It does the job great and is rightly priced for what it does. The installation is fairly straightforward.

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.