How to identify and reset all the users blocked by CAPTCHA in Bitbucket Server and Datacenter.

Still need help?

The Atlassian Community is here for you.

Ask the community

The content on this page relates to platforms which are supported; however, the content is out of scope of our Atlassian Support Offerings. Consequently, Atlassian cannot guarantee support. Please be aware that this material is provided for your information only and you may use it at your own risk.


While troubleshooting issues around CAPTCHA in Bitbucket Server, the list of the blocked users and the process of resetting them can be achieved by the following steps.


Bitbucket 7.x,8.x


To Identify the users who are blocked by the CAPTCHA requirement, run the following query


The below query is specific to Postgres if you are using any other database, please make appropriate changes. 

SELECT us.user_name
FROM cwd_user_attribute as atr
JOIN cwd_user as us ON
WHERE atr.attribute_name = 'failedAuthenticationAttemptCount' AND atr.attribute_value >= '5';

If there are just a few users blocked, the following API is the option to reset the CAPTCHA for each one individually, else we would suggest developing a script using the list of users obtained from the database query. As guidance, here's a sample curl request to reset a user's CAPTCHA.

curl --user <admin_user_name>:<password> -X DELETE <base_url>/rest/api/1.0/admin/users/captcha?name=<user_name>

To reset CAPTCHA for all the users the database would need to be modified/updated manually. The following steps need to be implemented. 

  • Backup Bitbucket
  • Stop Bitbucket
  • Run UPDATE like the following:

    UPDATE cwd_user_attribute
    SET attribute_value = 0, attribute_lower_value = 0
    WHERE attribute_name = 'failedAuthenticationAttemptCount';
  • Restart Bitbucket

Please make sure you backup Bitbucket before you make any modifications to the database.

Last modified on Dec 19, 2023

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.