When Bitbucket and Atlassian release two-step verification (two-factor authentication), some applications that rely on basic authentication may no longer work as expected. While Bitbucket recommends that third-party application developers switch to using OAuth, there are still many applications where https may be the only option.

Application specific passwords would allow users to create a password that would allow them to use Git, Mercurial, and the API over https as needed.