Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Easily bypassed BitBucket's two-step verification

Kamil Stepien
Kamil Stepien January 22, 2019

I set up the two-step verification from PC 1 to use verification code given from Authy app. I used PC 2 to try to clone the private repository. I assumed I know the link to clone the repository and I obtained the password. When I entered those details through git bash, it asked me to authenticate and when I clicked on the button the browser opened with localhost:34106 which couldn't be reached as I do not have any local server running on PC 2. I came back to git bash and remote repo was at my PC 2 without any issues. This is concerning to me. Can someone explain what happened here? 

Answer
Watch
Like Be the first to like this
587 views

1 answer

1 accepted

0 votes
Answer accepted
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 24, 2019

Hi Kamil, 

I'm not sure I understand the issue completely.

You said you tried to clone the repository in PC 2, you entered your credentials and after that the repo was cloned to your computer. This sounds ok.

What I don't understand is that you were on the command line, and then you said you clicked on a button that brought you to the browser and opened localhost:34106 (You can see more here). That's Sourcetree trying to authenticate you against our servers. Do you have Sourcetree installed?

Let us know!

Ana

View More Comments
Kamil Stepien
Kamil Stepien January 28, 2019

Hi Ana, 

Yes, when I tried to clone repository the login screen for Atlassian popped up and I enter the credentials to log in. Yes, I have source tree installed and it seems to be the bug you linked, thank you.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security