User Guide

2FA for Bitbucket: U2F & TOTP application protects your data from keyloggers, network data sniffing, unsecured wi-fi connections, and other threats, while also provides extra security for users working with sensitive information. The first security factor is your usual log in to the application with username and password. Multi-factor Authentication, also known as MFA or multi-step verification, adds another security layer by complementing username and password with a unique security code that is immediately accessible only to a certain user. Generally, such code is sent to any device which you have always on hand. As a user, you can decide which second security factor is more convenient and suitable for you, and you can change it anytime. Such a two-factor authentication method can be easily called a combination of "something you have and something you know”.

 

This guide describes the main stages and situations associated with using the 2FA for Bitbucket: U2F & TOTP application and will help you get started using the app.

Find how to enable the application in this section.

You can start using the application in two cases:

  • Your Bitbucket account has been forced to use 2FA for Bitbucket: U2F & TOTP by your Bitbucket administrator. If so, click here.

  • You haven’t been forced to use it, but you can enable 2FA for Bitbucket: U2F & TOTP by yourself. If so, find out how to do it here.

Find how to use TOTP and U2F device in this section.

After you’ve enabled 2FA for Bitbucket: U2F & TOTP, you’ll be requested to provide TOTP or U2F as the second factor of authentication every time you log in in Bitbucket with username and password.

  • Check how to log in with 2FA for Bitbucket using verification code (TOTP) as authentication second factor here.

  • You can find how to log in with 2FA for Bitbucket: U2F & TOTP using the U2F device as authentication second factor here.

Find how to use backup (recovery) codes in this section.

  • If you ever have no access to your mobile device for TOTP or to your U2F device, you can log in using the backup codes. Find how to use backup (recovery) codes and enter a one-time secret password reserve key here.

Note: If you do not have the opportunity to use your mobile app (TOTP), U2F device or backup (recovery) codes contact your Bitbucket administrator. Bitbucket administrator always can reset your user authentication settings.

Find how to manage your U2F device/devices in this section.

  • Find how to manage or add your U2F device/devices here.

Find how to disable 2FA for Bitbucket: U2F & TOTP in this section.

  • In case you wish to no longer use any of the second factors for authentication, you need to disable 2FA for Bitbucket: U2F & TOTP. Find how to disable 2FA for Bitbucket: U2F & TOTP here.

Note: If you’ve been forced to use 2FA for Bitbucket: U2F & TOTP by your Bitbucket Administrator, you will not be able to disable this option by yourself.