You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I have enabled the 2FA in my personal setting, I have tested the 2FA working after I have logged out and login to Bitbucket.
Do I have to manually logout/login in order to use 2FA?
G'day, @Andrew Liew
Yes, you are required to log out and in again to use 2SV since the sessions do not expire when the user enables it by default.
Also, I believe there's no way to force users to logout from their accounts now.
However, there's a possible way to force users to enable 2SV by enabling the options in the workspace Premium settings. This will force users to enable their 2SV before accessing the workspace.
Let me know if you have any additional questions.
Hi @Andrew Liew
Yes, that's the right behavior.
Once you turn on the 2SV in Bitbucket, you won't be forced to log out, but the next time you log in to Bitbucket, you'll require to enter the 2SV code as an additional login step.
That's not true.
After I passed the 2SV once, then onwards, every time even after I restarted my machine and started the browser with my bitbucket bookmark, I can access Bitbucket without 2SV or login every day. There is no 2SV UI or login for the keys. I can access the Bitbucket many times without 2SV or login.
Hi @Andrew Liew
Just so we are on the same page, the login I mention earlier is when you are present with the option to enter your emails as the following screenshot:
This login wizard will then ask for the 2SV code before allowing you to log in. So if this is what you mention log in earlier, where you are not asked to enter your 2SV, then something is not right.
However, if it's not, or by login, you mean simply accessing the URL. Then it's expected behavior because when you log in to Bitbucket, we store a session cache that allows you to access Bitbucket without going through the login process. Once the session expires, you'll be asked to log in as shown in the screenshot above.
That said, I can see you are on the Premium plan, so if you wish to continue the conversation further I can create a support ticket on your behalf of you.