Two-factor authentication (2FA) is an optional security feature that requires you, the user, to provide two means of identification in order to access your project. For Twilio projects, this would include your standard login credentials (email address and password), as well as a randomized verification code sent to your phone (via a call, SMS message, or a TOTP authentication app). This guide explains the TOTP authenticator app requirements, and how to set up Twilio 2FA.
2FA authentication app support
Twilio's 2FA account security feature is powered by Time-Based One-Time Passwords (TOTP), a common method for generating expiring verification codes. Twilio 2FA is supported on any authentication app that complies with the TOTP standard. Popular TOTP authenticator apps include apps from Google, Microsoft, and our own free Authy app.
Which 2FA app should I use?
We recommend using the Authy app as the most secure and convenient method for 2FA, trusted by hundreds of customers and top-rated in the app store. Some alternatives are discussed in the Wirecutter's article on the Best two-factor authentication app (thewirecutter.com).
Prerequisite: Install your authentication app
Before you get started, you'll need to download and install the authenticator app of your choice. For help getting set up, please see the app vendor's support site.
Set up 2FA on your TOTP authentication app
Once your authentication app is installed and set up, you're ready to add your Twilio 2FA account:
- Access the User Settings page in Console.
- If the User Settings page is gray, you may need to re-authenticate. Click Authenticate to make changes at the bottom of the screen, and then verify your credentials again to continue.
- Scroll to the "Enable Two-Factor Authentication (2FA)" section, and then select one of the 2FA enablement options. Click Update 2FA Settings to save your selection.
  - Once per computer: Request verification to validate a single computer every 30 days.
  - Every log-in: Request verification on every login attempt.
- Scroll to the "Two-Factor Authentication (2FA) Methods" section, and then select Another authenticator app. Click Update 2FA Method to save your selection.
- A Twilio QR code will be displayed in the browser. Open your authenticator app, and then begin the add account dialog.
Note: For help adding an account in your authenticator app, please see the app vendor's support site.
- From the authenticator app, select the option to scan a barcode or QR code. Then, scan the Twilio QR code displayed in your browser with your authenticator app. Click Continue when finished.
- A verification code confirmation will be displayed in the browser. Enter the verification code from your authenticator app, and then click Verify.
- Users enabling 2FA for the first time will see a recovery code displayed in the browser window. Save this code, as you'll need it to recover access to your account if you ever lose access to your 2FA authentication app.
That’s it! You are now secured with two-factor authentication (2FA). Every time you log in to Twilio (or log in from an unrecognized device, depending on your chosen security level), you will be prompted to enter the verification code shown in your app.