要約

In today’s digital landscape, securing your accounts is more important than ever. Atlassian provides robust security measures to protect your data, including Multi-Factor Authentication (MFA) and Two-Step Verification (2SV). While these terms are sometimes used interchangeably, they serve distinct functions within our ecosystem, especially when both are enabled. This article aims to clarify these security features and provide guidance for Bitbucket Cloud users.

What is Atlassian Two-Step Verification?

Atlassian 2SV is an additional security layer that requires users to provide an additional form of verification to gain access to their accounts. This means that even if your password is compromised, unauthorized access is prevented by requiring another verification factor, such as a code sent to your mobile device, or a time-based code from an authentication app to access your account.

Key Aspects:

• Global Account Security: Applies to your entire Atlassian account, affecting all associated products, including Bitbucket Cloud.

• Variety of Methods: Supports authentication apps, security key, and SMS codes, giving you flexibility in choosing how to secure your account.

What is Bitbucket Cloud Two-Step Verification?

Bitbucket Cloud 2SV is specifically designed to protect your Bitbucket account. It works similarly to Atlassian 2SV by requiring an additional verification step when accessing your Bitbucket repositories and projects.

Key Aspects:

• Repository Protection: Secures your access to Bitbucket Cloud, ensuring your code and projects are protected.

• Integrated with Bitbucket: Works seamlessly with Bitbucket Cloud features to provide targeted security.

• Premium feature: Require users to enable two-step verification in order to access your workspace. 

How They Work Together: Common Scenarios

Accessing Bitbucket Cloud

1. Initial Login: When you log into Bitbucket Cloud, you must first complete the Atlassian 2SV process. This step secures your overall account.

2. Bitbucket-Specific Access: After completing the Atlassian 2SV, you'll may be prompted to complete Bitbucket Cloud 2SV. This additional step is specifically designed to secure your Bitbucket access.

Common Issues and Solutions

Issue 1: Confusion Over Double Prompts

• Explanation: Multiple 2SV prompts due to the layered security.

• Solution: Understand that these are separate security checks. Completing both ensures maximum protection for your account and repositories.

Issue 2: Trouble with Authentication Methods

• Explanation: Issues with authentication code.

• Solution: Ensure your authentication app is up-to-date and properly synced to your device's time settings. 

Issue 3: Losing Access to Authentication Device

• Explanation: Losing the device or authentication app can lock you out.

• Solution: Set up backup codes and store them securely. Or go though the two-step verification recovery process for either products to regain access. 

Issue 4: Using the Incorrect Authentication Code

• Explanation: There may be multiple authentication codes on your authentication app. The authentication codes cannot be used interchangeably. 

• Solution:  Ensure you use the authentication code that corresponds to the specific product. (E.g. The Bitbucket Cloud authentication code cannot be used for your Atlassian account and vice versa)