Jenkins Two Factor Authentication
Two-Factor Authentication for Jenkins Plugin adds a layer of security to Jenkins authentication by requiring users to provide a second factor of authentication along with their username and password. It enhances the overall security of your Jenkins environment. Additionally, this plugin does not require you to extend the security realm, making it easier to implement and use.
Pre-requisites
To integrate 2FA with Jenkins, you need the following items:
- Jenkins should be installed and configured.
- Jenkins Server is HTTPS enabled (optional).
- Admin credentials are set up in Jenkins.
- To enable OTP over Email, the Jenkins Mailer plugin should be installed.
Download and Installation
- Log in to your Jenkins Admin Account.
- Go to the Manage Jenkins option in the left pane, and open the Manage Plugins tab.
- Search for 2FA in the Available tab.
- Download and install the plugin, then restart Jenkins.




1: Enable 2FA Authentication Methods
To enable 2FA authentication, proceed as follows:
- Access the Manage Jenkins page within your Jenkins dashboard.
- Navigate to the Security section and locate the 2FA Global Configurations option.
- Click on 2FA Global Configurations to access the configuration settings.
- Choose between the available authentication methods: Security Questions or OTP over Email.
In the 2FA Global Configurations page, you will find the following authentication methods available:
- Security Questions: This method prompts users to provide answers to specific security questions during the authentication process.
- OTP over Email: This method utilizes One-Time Passwords sent via email for authentication purposes.
2: Configure SMTP Server in Jenkins
If you have already configured an SMTP server in your Jenkins, you may proceed to the next step. However, if you haven't done so, then it is essential to complete this step for using the OTP over Email authentication method.
Setting up an SMTP server will allow you to send emails for authentication. The following steps will help you set up your SMTP server:
- Access your Jenkins dashboard and navigate to the Manage Jenkins page.
- Under System Configuration section, locate and select System.
- In the Configure System page, scroll down to the Email Notification section, positioned at the bottom.
- Within this section, you can configure SMTP Server settings. Enter the name of the server, then click on the Advanced button to expand more options.
- Proceed by enabling the Use SMTP Authentication option, and then provide Username and Password details. Additionally, input the designated port number into the provided SMTP Port input field.
- If you want to test the SMTP server connection, enable Test configuration by sending test email, then enter the email address and click on Test Configuration.
- Once all necessary configurations have been completed, click on the Save button.
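A pre-flight check for the relay configured above, added here as an example (it is not part of the plugin or of Jenkins): it reviews which ESMTP capabilities the server advertises before and after STARTTLS, since this relay will carry both the SMTP password and every OTP mail. The sample EHLO replies are constructed, and the check assumes a STARTTLS port such as 587 rather than an implicit-TLS port.

```python
import smtplib
import ssl

# Constructed EHLO replies (not captured from a real server).
SAMPLE_BEFORE_TLS = "250-mail.example.test\n250-SIZE 35882577\n250-STARTTLS\n250 8BITMIME"
SAMPLE_AFTER_TLS = "250-mail.example.test\n250-SIZE 35882577\n250-AUTH PLAIN LOGIN\n250 8BITMIME"
SAMPLE_NO_TLS = "250-mail.example.test\n250-AUTH PLAIN LOGIN\n250 8BITMIME"


def parse_ehlo(reply):
    """Map each ESMTP keyword in a raw EHLO reply to its upper-cased parameters."""
    caps = {}
    for line in reply.splitlines()[1:]:  # line 1 is the server's greeting
        words = line[4:].split() if line.startswith("250") else []
        if words:
            caps[words[0].upper()] = [w.upper() for w in words[1:]]
    return caps


def review(before_tls, after_tls=None):
    """Findings for a relay that will carry the SMTP password and OTP mails."""
    findings = []
    if "STARTTLS" not in before_tls:
        findings.append("no STARTTLS: SMTP password and OTPs travel in clear text")
    if "AUTH" in before_tls:
        findings.append("AUTH offered before TLS: password may be sent unencrypted")
    if after_tls is not None and "AUTH" not in after_tls:
        findings.append("no AUTH after TLS: 'Use SMTP Authentication' cannot succeed")
    return findings


def probe(host, port=587):
    """Live variant using smtplib; needs network access to your own relay."""
    def caps(s):
        return {k.upper(): v.upper().split() for k, v in s.esmtp_features.items()}
    with smtplib.SMTP(host, port, timeout=10) as s:
        s.ehlo()
        before = caps(s)
        if "STARTTLS" not in before:
            return review(before)
        s.starttls(context=ssl.create_default_context())  # verifies the certificate
        s.ehlo()  # capabilities must be re-read after the TLS handshake
        return review(before, caps(s))


if __name__ == "__main__":
    print(review(parse_ehlo(SAMPLE_BEFORE_TLS), parse_ehlo(SAMPLE_AFTER_TLS)))
    print(review(parse_ehlo(SAMPLE_NO_TLS)))
```

An empty list from `probe()` means the relay offers STARTTLS, withholds AUTH until the session is encrypted, and accepts authentication afterwards.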

Check the Enable 2FA for all users checkbox to activate the 2FA feature in Jenkins.

3: Configure Authentication Methods on User Login
Once 2FA authentication methods are enabled, users will be prompted to configure their preferred 2FA method during login. They can configure the methods either during login or by accessing the 2FA Configuration page from their Profile page within the Dashboard.

Configuring OTP Over Email -
- To complete the verification process, click on the Send OTP button to receive a One-Time Password (OTP). Enter the received OTP and click on the Validate button to authenticate and proceed further.

Configuring Security Questions -
- In the configuration page, select your preferred question from the options provided for the first and second security questions. Enter the corresponding answers for the first two questions.
- In the third place, you have the option to create a custom question and provide its answer.
- Once you have entered the necessary information, click on the "Save" button to save your configured security questions.
By completing both of the above steps, your security questions and OTP over email will be successfully set up and saved for future use.

4: Reset 2FA Authentication Methods
To reset the configured authentication methods, please follow these instructions:
- Click on your profile name located in the top navigation bar.
- From the options displayed, select 2FA Configuration in the left sidebar.
- In the 2FA Configuration page you will find the authentication methods along with their respective configuration statuses.
- To reset an authentication method, click on the Reset button associated with the authentication method.
- After resetting, the method will be available for re-configuration on this page.
By following these instructions, you will be able to reset and reconfigure the authentication methods through the 2FA Configuration page accessible from your profile dashboard.

