Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

List users with two-step verification status

Ian Munday June 4, 2019

Is it possible to list all active users and whether they have enabled two-step verification?

Thanks, Ian

1 answer

0 votes
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
June 28, 2019

Hello Ian, 


List of all active users

I guess you mean to list all Active "managed" accounts. If so, please find below the steps you can follow to do so:

  • Access the page
  • Under Organization, identify the name of your organization and then click on xxx managed accounts (where xxx is the number of your managed accounts)

  • In the windows you get, in the central panel (under Managed accounts), click on All accounts to open a drop down menu, and choose Active accounts


  • You can finally export the set of accounts you get if you want, by clicking on Export accounts on the same page. 



Users with Two-step verification enabled


For this point, in the official documentation talking about Enforced two-steps verifications, mainly in the part named  See accounts without two step-authentification enabled, this is what is written: 


You can see a list of all accounts from your verified domains that don't yet have two-step verification enabled:


    From your organization at, select Directory and then Managed accounts.


    While we make updates to the admin experience, you may not need to click Directory to get to Managed accounts.

  2. Click Show users without two-step verification.

This displays all the Atlassian accounts that are managed in your organization that don't have two-step verification enabled. You can use it to see which people will be affected if you enforce two-step verification, as well as to see those who are yet to enable two-step verification after you've enforced it.


I hope this helps you. Otherwise, maybe another community member will be able to add more information and precisions regarding this. 


Thank you


Jay McCarogher October 6, 2020

I don't think OP meant list of Managed accounts with 2FA enabled, but all accounts on his instance that have it. Managed and Unmanaged.

That's always confused me, why let us enforce 2FA on managed account but not unmanaged, when the unmanaged accounts appear to be the higher security risk 

Like # people like this
John Rocha February 14, 2022

I agree 100% @Jay McCarogher . It is crazy that they only let you set the authentication rules for the folks in your organization. Those are presumably the safest since they are at least on your team, but folks outside your organization with access to your project are free to be as risky as they want? Wow!

This has prompted yet another, should we stick with Atlassian conversation, amongst our upper management.

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events