Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,456,344
Community Members
 
Community Events
176
Community Groups

Disable 2FA for End User

Hello,

We are working on enabling MFA for end users. However, I can't find an option to disable MFA for a user by logging in as admin. How can I disable MFA for a user when the user does not have access to their phone or recovery key?

Please note that I have followed the below steps:

  1. From your organization at admin.atlassian.com, select Security > Authentication policies.

  2. Move member to a policy where two-step verification is optional.

  3. Select Directory > Managed accountsShow details to open the member’s page.

  4. Select Disable two-step verification so the member can reset two-step verification and log in.

  5. Move the member back to the previous policy.

However, when I click on "show details", it does not give me the option to disable MFA.

Please advise.....

Thanks

Md

1 answer

0 votes

Can you add a screenshot of the two authentication policies?

FYI: We do not have the access subscription to create another authentication policy. We can only have one policy.

It's my understanding that to require MFA, you need an Atlassian Access subscription - is it possible that the user has set their own account to require it?  The user can go to this page https://id.atlassian.com/manage-profile/security/two-step-verification and see if they have it enabled or disabled and can control whether to require it or not.

We will enable it per user by giving them the url you shared. However, we want to know if the admins can disable the MFA or give them temporary urgent access if needed?

Admins cannot disable MFA if the user has it configured.  Only the user would be able to disable it.

Ok, but it is required to have the MFA code to be able to disable the MFA prompt. However, what if the user loses their phone or in case of an emergency when the user does not have access to their phone?

Thanks

Md

@Md Miah  There is information on this page that answers that question - https://support.atlassian.com/atlassian-account/docs/manage-two-step-verification-for-your-atlassian-account/ the user will get a backup code that they need to save.

my recovery key is not working
my authenticator is enabled on not working phone
recover account button showing "unexpected error"

to raise a ticket to IT Support I have to be logged in

to disable 2FA or to disable a mobile device with an authenticator I have to be logged in

 

Can someone help?

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Site Admin
TAGS

Atlassian Community Events