Destructive operations - like "delete repository" and "transfer repository" should ask for password

Issue #9419 duplicate
Sandeep Srinivasa
created an issue

One of our project admins had his laptop stolen and we forgot his browser was signed on to bitbucket.

When he later realized that (by checking sessions) - he scrambled to sign out of all sessions and change his password, but damage could have been done.

It would be great if you can force a password before any such destructive operations can take place. In fact, code can be restored (using local clones, etc.) but issues/wikis/etc. cannot !

Comments (1)

  1. Log in to comment