Optional "extra security" mode (BB-8031)

Issue #6859 closed
Adrien Saladin
created an issue

Basically prompt the user to re-enter their password for destructive events, like deleting a repo.


I logged a few days ago on bitbucket, on my computer, using openid. Today I was able to delete permanently a repository without proving my identity. Maybe you could add a password check in this case ?


Comments (6)

  1. Zachary Davis

    Hi Adrien,

    You must be logged in and have permissions to delete a repository. We've implemented additional password prompts before here at Atlassian, and the downside tends to far outweigh the upside. You can always log out of Bitbucket when you're done with your session.

    Cheers, Zach

  2. Adrien Saladin reporter

    I understand that password prompts can be somehow unpleasant. Maybe an enhanced security mode can be made as an opt-in option in the account preferences ?


  3. Log in to comment