From 16 April, registration with multi-factor authentication (MFA) will be available for the productive Atlassian services of the University Computer Centre. Use is initially voluntary, but is recommended for all users in order to significantly increase the protection of their own access.

A brief declaration: multi-factor authentication

With multi-factor authentication, registration is secured by a second factor in addition to the password.

In addition to the login ID and password, a limited one-time code is requested, which is generated via an authenticator app on the smartphone.

The code is only valid for a short time. Even if a password is known, registration is not possible without the additional one-time code.

Use initially for Atlassian services

MFA registration will initially be provided for the following services:

• Jira
• Confluence
• Service Desk

• Registration takes place via Single Sign On (SSO). After successful registration, several connected applications can be used within one session without having to log in again.

Central SSO infrastructure of the HS-ITZ

Authentication takes place via the central SSO platform

https://sso.hs-itz.deExternal link

This is operated on the infrastructure of the Thuringian Institution of Higher Education IT Centre (HS-ITZ). In the future, this infrastructure will also be used by other institutions of higher education in Thuringia.

As registration takes place via this central platform, the appearance of the login page may differ from the previously known login pages of the university.

Centralised solution instead of Atlassian-internal MFA

The MFA introduced is not an Atlassian-internal security function, but a central authentication solution of the data centre or HS-ITZ.

The advantage of this approach is that the MFA can also be used for other university services in the future. The current introduction for the Atlassian applications therefore represents a first step.

Facility|institution|(structural) unit

The following is required once to use the MFA:

• Installation of an authenticator app on the smartphone

• Facility|institution|(structural) unit of two-factor authentication in the SSO portal

• Backup of the recovery codes

Set-up instructions are currently being prepared and will be made available in good time before the launch.