I updated my bitbucket account last week to use 2FA, but after doing that, every code I enter using google authenticator is rejected. I have tried relogging in with a valid recovery code and authenticator code.
The error I get is:
invalid two-step authentication code.
My code changes every 2 minutes and I have used ones from just after it changes to see if it is a problem with the time on my laptop (which matches phone time on two laptops and two phones so I don't think it is a time mismatch).
I am able to login to Jira and Ops-genie, I even disabled 2FA from my OG which should be the same as bitbucket atlassian account, but bitbucket still asks for an authentication code and still will not verify it.
Bitbucket Cloud uses Atlassian accounts (the ones for id.atlassian.com) for authentication.
At the moment, it is possible to set up 2FA both for the Atlassian account (in https://id.atlassian.com/manage-profile/security/two-step-verification) and also for the Bitbucket account (in https://bitbucket.org/account/settings/two-step-verification/manage).
If both are enabled, then there should be two entries in the authenticator app of your phone. One generating codes for Atlassian account 2FA and a second one generating codes for Bitbucket 2FA. It is not possible to use Atlassian account 2FA codes for Bitbucket and vice versa.
I can see in our system that Atlassian account 2FA for your account is disabled, but Bitbucket 2FA is still enabled. It also sounds like the codes you are using may be the ones for the Atlassian account instead.
Do you have a two accounts/entries in the authenticator app on your phone, one for Atlassian and a second one for Bitbucket? If so, can you try using the 2FA codes generated from the Bitbucket one?
In case there is no account/option for Bitbucket in your authenticator app, you can do either of the following:
1. You can retrieve 6 recovery codes if you run the following command on the machine where you have your SSH keys for Bitbucket:
ssh email@example.com recovery_codes
Please note that these codes are for one time use only, so you can use one of them to log in to Bitbucket and a second one to disable 2FA in the Bitbucket account. Afterwards, you can set it up again if you wish.
2. When you get asked for a Bitbucket 2FA code in your browser, you'll see a link 'Forgot code?' at the bottom of the page. Select that, follow the instructions, and an email will be sent in 24 hours to your Bitbucket account's email that will allow you to disable 2FA.
Please feel free to let me know if you have any questions.
Thanks for that, I don't have two entries, just one for Atlassian so that explains why it is not valid but I'd never be able to get a valid one as I have no bitbucket entry!
I have sent a recovery email - I did do that last week but the email arrived Friday night and the link ran out before I tried it - my fault. I've sent another.
Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events