Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Problem resolving access with 2FA to Bitbucket after mobile phone was broken

Mladen Cvetkovic
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
September 5, 2023


I had 2FA for bitbucket working without any issues until my phone (with authenticator app) has died.

After that, I cannot bypass 2FA to access needed bitbucket repos. If I request bitbucket recovery e-mail, I logged in with it and after that I manage to enter 24 hexadecimal recovery code when prompted), but after that I am again prompted with entering code from my mobile phone (and I don't have any working recovery code):


And if I go for forgot code? option then I only have option to ask for recovery e-mail again. How can I resolve this to get back to bitbucket admin options to disable/enable 2FA and scan again QR code with authentication app on my new phone?



2 answers

2 accepted

0 votes
Answer accepted
Mladen Cvetkovic
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
September 7, 2023

Hi Syahrul,

Great, Thank you very much for the initial instructions - it has resolved the problem.

For the sake of others who may have experienced the same problem, I will list the steps for recovery. Assumption is that in Microsoft Auth App we already have set up 2FA for Atlassian login (with Atlassian in the name) which is different from Bitbucket 2FA - this is one of the key aspects of the process.

1. I requested recovery of the access to the Bitbucket and then after 24h I receive e-mail with a hyperlink to kick off the process

2. I click on the hyperlink and I am prompted to enter login account and password:


3. I enter my corporate e-mail address and password. I am prompted to enter 6 digit code:


3. I choose Can't use your phone link and on the next screen I enter 24 character recovery code.

4. After that, I am prompted to save new 24 character code which I do, and I press Saved Let's go button. I progress to screen with account recovery notice:


5. I press Disable two-step verification button which leads to the screen with QR code and options to enable 2 step verification.

6. I open Microsoft Authenticator and choose to add new app (as Google, Facebook etc.) and I scan provided QR code (resulting in Bitbucket entry created  in Microsoft Authentication App)

7. I am prompted to enter 6 digit code from the Microsoft Authenticator which appears to be running fine. Once I enter correct 6 digit code, Bitbucket shows that e-mail will arrive to my address to continue registration.

8. E-mail arrives into Junk folder (which I guess is always possibility). I move the e-mail to Outlook Inbox and click on the link to enable 2FA. This results in seeing this screen, which appear to show that 2FA is enabled:


9, I press Show recovery codes button and save them for possible future usage. At this stage everything appears to be under control.

10. I click on my avatar and I log out (to test the process of re-login again).

11. I try to login again by providing my e-mail address and password (please note that login screen suggests that we are connecting to bitbucket:


12. I enter my e-mail account and password. I proceed to the screen where we are asked for 6-digit code but for Atlassian 2FA:


13. I enter 6 digit code for Atlassian from Microsoft Auth app. When I enter that, I progress to the next screen where we are asked for 6 digit code for Bitbucket from Microsoft Auth App:


14. I enter 6 digit code for Bitbucket from Microsoft Auth App. We finally progress to the expected bitbucket repos.

This completes the process of recovery of Bitbucket access with 2FA when previous phone with Authentication app has died.

0 votes
Answer accepted
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 5, 2023

G'day @Mladen Cvetkovic 

Welcome to the community!

I can see that you recently requested a 2SV reset email. Unfortunately, you will need to wait for 24 hours from the time of your initial request before the reset email is sent out.

I highly recommend waiting for the reset email and checking your spam folder to ensure you don't miss it.


Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events