Up till today I have always connected Sourcetree via Basic/HTTPS without any problems.

Today I had to change my password on id.atlassian.com. When I updated Sourcetree to use the new pass it said it was invalid. Have tried 3 times and Sourcetree always rejects the password.

If I use OAuth/HTTPS I can connect Sourcetree and see all repos. But when I try to clone, commit or push I get: 

remote: Too many invalid password attempts. Log in at https://id.atlassian.com/ to restore access.

fatal: unable to access 'https://bitbucket.org/*removed*/*removed*.git/': The requested URL returned error: 403

I have read through the last 2-3 years worth of posts here about this issue but none seem to help.

I have tried logging out of bitbucket.com and relogging in multiple times, but get the same error each time. I even found a keychain name bitbucket and deleted it, but that didn't help either. When I view my active sessions I see between 1 and 4 sessions, depending on when I've looked - all appear to be my IP and Chrome. 

I don't understand why Basic no longer connects with the correct user/pass, or why OAuth "works" as far as connecting Sourcetree, but won't let me clone/commit/push anything.

I'm on a Mac (BigSur 11.3.1).

Update 6/6/21: 

I've now also tried setting up an App Password following the instructions here: https://support.atlassian.com/bitbucket-cloud/docs/app-passwords/

...which appears to let me connect to bitbucket through Sourcetree (like OAuth did) but still gives the same 403 error when trying to clone/push/pull.

Any ideas?