What in the WHAT Atlassian? Making Shadow (Accidental) IT even easier!
Oh hi. You may remember these old posts:
tl;dr
In March/April 2025 Atlassian seemed to have made fixes to product pages that made it too easy for users to create new sites when they just were trying to log in. In the last 10 days or so, it looks like they've made it EVEN WORSE than it was before.
Long version
Thanks to an overzealous marketing funnel, Atlassian made it way too easy for users who are simply trying to login to their sites to instead accidentally create new Jira or Confluence sites. The problem was that people don't remember their exact Jira or Confluence site URLs, but figure that like every other SaaS product, if they just Google search for "jira" or "confluence" that it'll eventually take them to the right place.
In most cases, users had previously logged on to Jira or Confluence, so there were existing session cookies that Atlassian COULD see and use to guide users to log into their EXISTING Jira/Confluence sites instead of leading them to create new sites. (Which admins then have to go in and delete.)
Back in March/April it seemed like Atlassian had made some progress on fixing this, despite the lack of updates to CLOUD-12193 - Reduce occurrences of accidental site creations.
10 new sites in the last 9 days
As of Jun 26, 2025, we've had 10 new sites created by accident in the past 9 days. This is the highest rate of accidental site creation that've I've seen since we migrated to cloud in May 2024 and begun to accidental sites created at a rate of maybe 1-2 per week.
I took a very brief look at what is happening, and it seems like there was a regression. For Jira, it gives you a very pleasant, "Welcome back, Darryl" message, but the URL it suggests? That is a NEW SITE that it will create if I click Continue.
There is NOTHING on that page indicating to a user that they are creating a new site. At least before we could point out to users that they clicked through screens that said "Sign up" or "Agree" and had words like "no credit card needed":
But this? This is HORRIBLE, and explains why we're seeing this spike of accidental site creations.
Yes, I'm going to post a Support ticket. But I wanted to put this out here in case other people are seeing the same issue.
4 answers
So ok, I've done some more testing, and I think I've figured out that the SALES and MARKETING team or whoever is trying to drive up their SALES NUMBERS is doing something shady with the SPONSORED GOOGLE LINKS.
And it generated yet ANOTHER new darryllee-123456789.atlassian.net random site ready to be created if I click the big blue Continue button.
BUT, if I scroll down and click the first ORGANIC (not Sponsored) Google Link for Jira, then I get PROPERLY prompted to log into my actual Jira site.
So yeah, some go getter in SALES and MARKETING decided that tricking existing users into creating new sites was a great way to boost their monthly numbers.
Mission accomplished! So many new sites created!
Now look at the numbers of cancelled/deleted sites?
I guess they're banking on the fact that people won't notice and won't cancel or delete them. And by that time, they've hit their targets and woohoo, that Cadillac El Dorado, or a set of steak knives.
Ok, has it been 24 hours? Yes ok.
Perhaps I was a bit hasty to scream at the Sales guys and assume bad intent.
But hey, GGR is a great movie.
So upon further inspection and reflection, this is a DIFFERENT KIND OF SCREW-UP.
I think this is because Atlassian revamped their "home pages" for Jira and Confluence.
| Before | After |
 |
 |
You'll notice that in the new design, they put the LOGIN BOX right there.
I'm sure the designers were like "YES! We are eliminating clicks!"
Yes, if it worked, this should absolutely streamline logging in.
But alas. It does not. As evidenced by the TEN accidental sites I've had created in the last TEN days.
So. #CANHAZFIX?
I've uploaded all my cookies to my Support ticket. Maybe I'll give them a HAR file they didn't ask for. I still don't think it's been escalated to the right people yet.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.