Have you noticed more email one-time passcodes (OTPs) when logging in to your Atlassian account lately? You’re not alone! Atlassian is stepping up security for everyone, and that means extra checks to keep your account safe from new threats. But did you know there’s a way to make your login both safer and simpler?
Why am I getting more email OTPs?
Recently, we enhanced our account security. We added extra steps to protect you—like sending a code to your email when you log in. This helps make sure it’s really you, not someone else, trying to access your account.
If the accounts you’re getting these OTP for are for your automation (“bot” account), consider migrating those accounts to service accounts, then skip ahead to the Service Accounts section.
There’s a better way: two-step verification (2SV)
Two-step verification (2SV) is a simple, powerful way to protect your account. With 2SV, you use something you know (your password) and something you have (like your phone or an app) to log in. Even if someone guesses your password, they can’t get in without your second factor (only something you have).
Benefits of 2SV:
- Stronger security: 2SV makes it much harder for hackers to access your account, even if they have your password.
- Peace of mind: You know your work and personal information are protected.
- Fewer email OTPs: Once you set up 2SV, you won’t need to enter email codes every time you log in. Your account is already protected by a stronger method!
How does 2SV work?
It’s easy! After you enter your password, you’ll be asked to supply your Passkeys, or a code from an app on your phone (like Google Authenticator or Authy) or a text message. That’s it—just two quick steps for much better security.
Ready to get started?
Setting up 2SV only takes a few minutes, and it’s one of the best ways to keep your account safe. Plus, you’ll spend less time hunting for email codes and more time getting things done.
Follow these easy steps to set up 2SV: Manage two-step verification for your Atlassian account | Atlassian Support
For more details on why we are making these changes, check out the official announcement.
Take control of your security today—enable 2SV and enjoy a safer, smoother login experience!
Service accounts
If you are using an account for automation and receiving email OTP, this is because of the security measure we have implemented. Consider migrating these accounts to service accounts.
Migrating from bot accounts to service accounts: simplifying and securing automated logins
Many teams rely on automated processes—like integrations, scripts, or bots—to interact with Atlassian apps. Traditionally, these automations have used standard user accounts (often called “bot accounts”) to log in. However, this approach comes with challenges: bot accounts are subject to security controls designed for humans, such as email one-time passwords (OTPs) and multi-factor authentication (MFA). These controls can interrupt automation, require manual intervention, and create unnecessary risk if credentials are shared or stored insecurely.
Make the move
Migrating from bot accounts to service accounts not only simplifies your automation but also strengthens your organisation’s security posture. For step-by-step guidance on managing service accounts, check out Atlassian’s official support documentation: Manage your service accounts | Atlassian Support