As per the documentation, enabling the Datlassian.authentication.2sv.enforcement.all.users.enabled=true flag does not require non-admin users to set up two-step verification

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Low
    • None
    • Affects Version/s: 8.19.0, 9.4.0, 9.6.0
    • Component/s: Documentation (Developer)
    • None
    • 1
    • Severity 3 - Minor

      Issue Summary

      The property 'Datlassian.authentication.2sv.enforcement.all.users.enabled=true' mentioned on https://confluence.atlassian.com/enterprise/manage-two-step-verification-for-your-atlassian-account-1384125346.html document doesn't work in Bitbucket DC.

      Steps to Reproduce

      1. Enable '-Datlassian.authentication.2sv.enforcement.all.users.enabled=true' flag from <Bitbucket-Installation-Directory>/bin/_start-webapp.sh file and restart Bitbucket.
      2. Try to login with a user who has 'Project creator' or 'Bitbucket User' permission.

      Expected Results

      The property should require users with 'Project Creator' and 'Bitbucket User' permissions to set up two-step verification upon logging in.

      Actual Results

      Users with 'Project Creator' and 'Bitbucket User' permissions can log in to Bitbucket without seeing the screen to set up two-step verification. This is because the property Datlassian.authentication.2sv.enforcement.all.users.enabled=true mentioned in document is implemented in other data center products but not yet in the Bitbucket data center, which can lead to confusion.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            Assignee:
            Unassigned
            Reporter:
            Aman Shrivastava
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: