Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

2FA error: "you entered an incorrect verification code"

d_steelhead
d_steelhead
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 21, 2021

Hello,

it's been a month or 2 that the 2FA hasn't been working properly on my bitbucket account. I have been using Authy for a long time but all of a sudden I keep getting the following error:

"you entered an incorrect verification code"

 

I now login by entering the emergency recovery key but it's getting cumbersome, I can't keep up like that forever, saving a new key each and every time.

 

I read a few posts on the community like this:

Bitbucket Two step verification code rejected

but none worked for me.

I followed the steps: I removed the 2FA and reconfigured it several time, I tried other 2FA apps such as GoogleAuthenticator, Authenticator, 2FAS Auth... But there's no way to avoid the "incorrect verification code" error.

 

I read a few posts saying it's a time issue. So I figured out it the error could have been triggered by daylight saving time. So I tried returning to standard time on my phone, but it didn't work. I also tried quite a few different time zones but none worked.

 

However there's a weird exception: when I login with the emergency key, there's a new prompt which asks for a two steps verification or for recovery codes. I type the Authy's code, and guess what, it works on that occasion. How can it be? It didn't work a while before...

 

Can anybody help me? What can I do?

Thank you in advance.

 

 

Answer
Watch
Like julietmikealpha likes this
1948 views

1 answer

0 votes
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 25, 2021

Hi @d_steelhead and welcome to the community.

Does this concern the Bitbucket account that has the same email as your community account?

Checking this account in our system, I can see that it has 2FA enabled on both the Bitbucket and the Atlassian account, which I believe is the culprit.

 

Please allow me to give some context first:

Bitbucket uses Atlassian accounts (the ones for https://id.atlassian.com/) for authentication.
At the moment, it is possible to set up 2FA both for a Bitbucket account and also for an Atlassian account.

If you do that, you'll get asked for a 2FA code twice when logging in to Bitbucket, once for the Atlassian account and once for the Bitbucket account.
There should be two separate entries/accounts in the authenticator app, one for the Atlassian account and another one for the Bitbucket account.

When logging in to Bitbucket, you first get asked for a 2FA code for the Atlassian account, which should be generated by the entry/account in the authenticator app that is for the Atlassian account.
After this step is completed successfully, you'll get asked for a 2FA code for the Bitbucket account, which should be generated by the entry/account in the authenticator app that is for the Bitbucket account.

 

Likely issue in your case:

Based on the following description

However there's a weird exception: when I login with the emergency key, there's a new prompt which asks for a two steps verification or for recovery codes. I type the Authy's code, and guess what, it works on that occasion. How can it be? It didn't work a while before...

It sounds like the entry/account you have in your authenticator app is for Bitbucket. The codes generated by the Bitbucket entry will only work for Bitbucket 2FA and not for Atlassian account 2FA.

So, when you try to log in, you get past the Atlassian account 2FA with the emergency key.
Then, you are presented with Bitbucket 2FA, and the 2FA code works as intended.

 

Possible solution:

If you don't have a second entry/account in your authenticator app for Atlassian account 2FA, you can disable 2FA for the Atlassian account.
If you want, you can then set it up again, or only keep 2FA on the Bitbucket account.

The following page has instructions on how to disable 2FA on the Atlassian account:

 

Please feel free to let me know if this works for you and if you have any questions.

Kind regards,
Theodora

View More Comments
julietmikealpha
julietmikealpha
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 10, 2021

Spotted this topic looking for help with the same issue; once enabled (having entered a successful 2FA code), I can not log in (via auth.atlassion.com) and get the error 'You entered an incorrect verification code.'.

Same result as the OP - I can get into my account using the emergency code but 2FA (tried: Tofu, Authy, Microsoft Authenticator) all validate 2FA but fail to login.

Another clue: disabled 2FA at bitbucket.org, I still get asked for 2FA.

UPDATE: if I go here: https://id.atlassian.com/manage-profile it shows 2FA enabled on my atlassion profile. There's a disparity between bitbucket and atlassion; once enabled in the later, it's possible to still configure bitbucket 2FA which breaks the log in process.

Like
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 14, 2021

Hi @julietmikealpha,

It is possible to configure 2FA both for a Bitbucket account and also an Atlassian account at the moment.

In the past, Bitbucket was not using Atlassian accounts, and there was a 2FA feature on both. A few years back, we introduced Atlassian accounts for Bitbucket, to provide single login with the same Atlassian account to multiple Atlassian Cloud products. The separate 2FA implementations remained.

This means that if you have 2FA enabled for both, there should be two separate entries/accounts in the authenticator app on your phone, one for the Bitbucket account and a second one for the Atlassian account. The 2FA codes generated by the Atlassian account/entry can be used only for Atlassian account 2FA login screen, and the 2FA codes generated by the Bitbucket account/entry can be used only for Bitbucket 2FA login screen.

We have a feature request to provide a unified 2FA authentication that you can vote for and add yourself as a watcher if you'd like to get notified via email on updates:

https://jira.atlassian.com/browse/BCLOUD-19471

If you have any questions, please feel free to let me know.

Kind regards,
Theodora

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events