Unexpected 2FA Prompt for Non-Enrolled User + Domain Verification Concerns
i_onum
I'm New Here 
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Hi Community,
We recently encountered an issue where a user was unexpectedly prompted for two-factor authentication (2FA) despite never enrolling or activating it. As a result, the user was unable to access both Jira and Confluence.
We have noticed that our domain has not yet been verified in Atlassian Admin which we are not looking at doing just now because we’re unsure of the security implications or potential changes for all users authentication behaviour once domain verification is completed.
I would appreciate guidance on the following:
- What could trigger a 2FA prompt for a user who has not enabled or enrolled in 2FA?
- Are there known scenarios or configurations that cause this behaviour?
- What are the best practices to prevent such access issues without compromising security policies?
- What are the implications of verifying our domain, particularly in relation to user authentication and account control?
Thanks.
1 answer
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.