Manage two-step verification for your Atlassian account

Two-step verification protects your Atlassian account by adding a second login step. This way your account stays secure, even if your password is compromised.

Enable two-step verification

The second login step for two-step verification requires a 6-digit verification code that you get from an authentication app on your mobile device.

We support only one authentication app connection at once. When you connect your account to a new authentication app, we’ll disable the previous one.

Use an authentication app on your mobile device

To begin the setup of two-step verification:

1. Install an authentication app on your mobile device. We support most authentication apps—some of the more common ones are Google Authenticator, Authy, or Duo. For download links to these apps, go to http://atlassian.com/2step on your mobile device.

2. Log in to your Atlassian account. Go to your Profile, then select Two-step verification.

3. Under Two-step verification settings, select Unlock settings and enter your password to verify your identity.

4. In the Authentication app tab, select Set up and follow the instructions on your screen.

Log in with two-step verification

Once you've enabled two-step verification, you'll need your mobile device to log in:

1. Enter your username and password as you do normally.
2. Open the authentication app on your mobile device and retrieve the new 6-digit code.
3. Enter the verification code.

Disable two-step verification

If you disable two-step verification, your account will no longer be protected by a second login step.

1. Log in to your Atlassian account. Go to your Profile, then select Two-step verification.

2. Under Two-step verification settings, select Unlock settings and enter your verification code to verify your identity. You won't see this option if you recently unlocked your settings.

3. In the Authentication app tab, select Manage, then Disable.

4. In the confirmation dialog that appears, select Disable.

After you disable two-step verification, you no longer have to log in with your authentication app. You can re-enable two-step verification at any time.

Recover your account

If you don't have your mobile device or can't access your authentication app, you can log in to your Atlassian account using your emergency recovery key that you created previously.

Use your emergency recovery key instead of a verification code

If you don't have a verification code, you can use your recovery key.

1. Enter your username and password as you do normally.

2. When the screen asks for a verification code, select Can't use your mobile device? instead.

3. Enter your recovery key.

4. You'll get a new recovery key, because you can only use a recovery key once. Make sure to save your new key.

Create a new emergency recovery key

If you've lost your recovery key or have concerns that someone else has it, you can create a new key, but only if you're not already logged out.

1. Log in to your Atlassian account. Go to User profile, then select Two-step verification.

2. Under Two-step verification settings, select Unlock settings and enter your password to verify your identity. You won't see this option if you recently unlocked your settings.

3. In the Authentication app tab, select Manage, then Create new recovery key and follow the instructions on your screen to create a new key.

Make sure to copy, print, or record your new recovery key, but treat it as securely as any other password. Note that the new recovery key replaces your old recovery key.

Enforced two-step verification

If you're an admin and enforcement is enabled on your product instance, you may be required to set up and use two-step verification when you log in.

When that happens:

• You'll get an email telling you that two-step verification is required, and explaining how to enable it.

• You'll need to enable two-step verification, as described in the Enable two-step verification section.