This article shows what logging with two-factor verification looks like from an end user's perspective. We assume that the user is already enrolled in extra verification and is logging in to Jira with regular user name and password authentication.
The examples shown here assume that an administrator has already configured a multifactor policy which requires extra verification.
Using Windows Hello, Touch ID or USB security keys
Extra verification shows up an additional step right after the user has logged in. The user experience depends on which verification factors the user has enrolled.
Users registered with Windows Hello, MacOS Touch ID, Android phone or USB security keys can verify using FIDO Web Authentication. Users click the Verify button to initiate verification:
Some form of user interaction is typically required to confirm user presence, like touching a button or using the fingerprint reader.
The below example shows the Windows Hello confirmation dialogue. 'John Doe' has registered his face with Windows Hello, and only needs to press 'OK' to verify.
Using an authenticator app
Users who have enrolled an authenticator app open the app on their phone and enters the six digit code to verify.
Trusting a device
A multifactor policy may be configured to allow users to verify only once for a given device. Users may then select Don't ask again on this computer which allows them to log in without extra verification on this device in the future. Users can manage their trusted devices in their Extra Verification settings:
Users may in some circumstances be prevented from verifying the normal way. This may happen when:
- The user lost access to their security key (it is lost, stolen or forgotten)
- The user is singing into new device, and their only registered factor is a platform authenticator on a different device.
In these situations, users can approve a pending verification from a device where they are already logged in. Pending verifications are available by selecting 'Extra verification' on the users profile menu.
See it in action
See a Windows Hello user use his face as extra verification when logging in.