Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Similar experience when Twilio started requiring SMS 2FA. I offered to use U2F or TOTP, but no, it must be SMS.

I don’t have a work number and this is an absurd reason to get one, so we just canceled the account.



They've even started requiring this for their subsidiaries, like Sendgrid. It's very offputting.


That's strange. I have TOTP 2FA on my Twilio account. AFAIK there is no requirement for it to be SMS.


Twilio Support:

> We're aware that some users would much rather prefer not to use SMS for 2FA usage […] this is a known issue

> Please be noted that as of right now, you can only access [TOTP] after submitting a valid phone number. If possible, we'd recommend you just provide a personal phone number as a workaround

I’d already borrowed a coworker’s phone once for the initial account verification, but requiring it multiple times crossed a line.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: