Uploaded image for project: 'Bitbucket Cloud'
  1. Bitbucket Cloud
  2. BCLOUD-13051

Add ability to set U2F without smartphone, and use recovery codes to U2F

    XMLWordPrintable

Details

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      1. U2F is not a sub-part of smartphone-based 2FA - it's an independent method, and should have the same level as smartphone-based 2FA. I should be able to enable 2FA using only U2F as my second factor (no smartphone-based access), and receive recovery codes via email (and be able to access them via SSH).
      2. There must be a way to use recovery code(s) on a U2F-enabled account regardless of whether a smartphone-based 2FA was or was not enabled.

      Let me add an insult - your current design where U2F can only be enabled if smartphone-based 2FA has already been set up is stupid.

      Attachments

        Activity

          People

            Unassigned Unassigned
            64ccae28ef83 mouse0
            Votes:
            3 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: