Cannot reset two-factor auth.

Md_ Abrarul Huda
Contributor
April 29, 2026

I am trying to reset two-factor authentication for a user. They lost their phone and are now trying to enable two factor using the authenticator app on their new phone.

But in the security section, the two-factor enable option is not visible (screenshot below).

[Screenshot: two-factor.png]

I have previously done this for other users and I have org admin permission. Has this been moved to somewhere else or can the user do it themselves?

In my general security section, two-step is enabled.

[Screenshot: two-step.png]

3 answers

1 vote
Trudy Claspill
Community Champion
April 29, 2026

Hello @Md_ Abrarul Huda 

Is this a managed user account? Have you verified the domain for the user's email address and claimed their account?

Based on the first image you provided, the user is included in the Authentication Policy that you have shown in the second image. The second image shows that 2FA is enabled for users in that policy.

I believe you need to set up a second policy where 2FA is not enabled, move the user to that policy, reset the 2FA for their account, have them log in and re-establish their 2FA, then move them back to the policy that has 2FA enforced.

That process is described here:

https://support.atlassian.com/security-and-access-policies/docs/enforce-two-step-verification/#Troubleshoot-two-step-verification-for-managed-accounts

Md_ Abrarul Huda
Contributor
April 29, 2026

It is a managed account. I've checked the email.

Previously under two-step verification I could reset it for each user and they would get an email to enable their authentication again. Is that changed in Jira now?

Trudy Claspill
Community Champion
April 29, 2026

I don't know if the options have changed as I have not had that responsibility in any of the sites/organizations to which I have access.

Perhaps the authentication policy did not previously have 2FA enabled, and without it being enabled you could simply use the reset option in the user's account.

Based on the images the policy does require 2FA, and the solution now is as I paraphrased, which is described in more detail in the document I linked.

 

0 votes
Arkadiusz Wroblewski
Rising Star
April 30, 2026

Hello @Md_ Abrarul Huda 

@Trudy Claspill's approach is definitely the right way to handle this.

Looking at your screenshot, the most telling detail is that Two-step verification is listed as "Not enabled." This is exactly why you aren't seeing a "reset" option: you can't reset a configuration that doesn't exist yet.

It’s likely this user hasn't been active in a long time and never actually completed the 2FA enrollment, even if your organization's policy technically requires it. Because they are currently "blocked" by a mandatory policy without having a 2FA method saved on their profile, they've ended up in this login loop.

Whatever you do, do not change your default policy for all 849 users just to fix this one account.

Instead, the cleanest fix is to move just this specific user into a temporary "Optional 2FA" policy. Once they are moved to that permissive group, they’ll be able to log in without the 2FA. After they’ve successfully accessed their account and confirmed their details, you can simply move them back into your standard "Mandatory" policy. This will prompt them to set up their 2FA fresh the next time they sign in.

0 votes
Utkarsh Agarwal
Community Champion
April 29, 2026

Hi @Md_ Abrarul Huda 

From the screenshot it looks like this user has not been active since 2025. If your authentication policy was updated later to enforce 2FA, the user may never have completed 2FA setup, which would explain why there is no 2FA configuration available for an org admin to reset.

Based on what you described about the user recently losing their phone, it may also be worth double-checking that you’re viewing the correct user account. If the wrong profile is being reviewed, that could explain the mismatch.

Hope this helps!

Regards
Utkarsh

Md_ Abrarul Huda
Contributor
April 29, 2026

The profile is accurate. They have not used it in a long time. They claim that previously they incorporated two-factor. As far as I remember we had two factor at that time as well.

I'm gonna try @Trudy Claspill's approach to see if this works. Fingers crossed.

Deployment type: Cloud
Product plan: Premium