JFrog Trust Account Security

Authorization

JFrog provides customers full control over account access authorization by supporting user authentication methods and technologies such as Single Sign-On, LDAP and AD

 

Multi-factor Authentication and Single Sign On

MFA

Multi-factor authentication (MFA) enables a higher level of security when accessing JFrog applications. This ensures that if a user’s credentials are compromised, the MFA method will prevent malicious hackers from gaining access to JFrog applications.

MFA is supported on JFrog Saas solution only.

SSO

SAML (Security Assertion Markup Language) is an XML standard for exchanging user authentication and authorization information between web domains.

The JFrog Platform offers a SAML-based Single Sign-On service allowing federated JFrog partners (identity providers) full control over the authorization process. 

 

Permissions

The JFrog Platform provides a flexible permissions model that gives administrators fine-grained control over how users and groups access the different resources. Permissions are managed from a central location, where you can control users’ or groups’ access permissions.

 

Temporary Login Suspension

When a login attempt fails, the system will temporarily suspend that user’s account for a brief period of time. If login attempts fail repeatedly, the suspension period will increase each time.

 

User Account Locking

In addition to temporary login suspension, you can configure the system to lock a user’s account after a specified number of failed login attempts.

 

Secure your passwords

On Self-managed installations, we encourage our customers to change their password after they log in for the first time, and to make sure it’s compliant with the customer’s password policy. If you forget the admin account password, you can recover it. Please refer to Recreating the Default Admin User.

On JFrog Saas solution our customers need to provide a strong admin password.

Login passwords are stored as hashes or encrypted hashes.

To keep your own passwords secure, you may choose to encrypt them as described in Key Encryption.

Powering the Software
that Powers the World

It’s our Liquid Software vision to automatically deliver software
packages seamlessly and securely from any source to any device.

Start For Free Buy Now