How to Set Up a Basic 2FA on Twilio

Peyton Duplechien • 15 Sep 2021 • 3 min read

If you have a smartphone and any accounts online, you likely have run into 2FA. 
2FA, otherwise known as multifactor authentication, is a highly favored safety feature to keep you and your personal information safe. When using a tool like Twilio, you’re in luck, it’s very simple to set up a basic 2FA. 

Is Your Twilio Account a Paid Account? 

If so, it’s a required feature on your Twilio account. This is no problem because you have two options to get your 2FA on your account set up easily. 

  • 2FA on your login only
  • 2FA on your entire project

 

Enabling 2FA for Your Login Only

These directions were pulled directly from Twilio Support for your convenience. 

  • Access the User Settings page in Console.
  • If the User Settings page is gray, you may need to re-authenticate. Click Authenticate to make changes at the bottom of the screen, and then verify your credentials again to continue.
  • Scroll to the “Enable Two-Factor Authentication (2FA)” section, and then select the desired 2FA level. Click Update 2FA Settings to save your selection.
    • Disabled: No 2FA verification required.
    • Once per computer: Request verification to validate a single computer every 30 days.
    • Every log-in: Request verification every login attempt.
  • Scroll to the “Two-Factor Authentication (2FA) Methods” section, and then select the desired 2FA method. Click Update 2FA Method to save your selection.
    Note: When re-enabling 2FA, Twilio will save your previously selected method as the default.
    • Authy app: Receive 2FA authentication codes via the Authy app.
    • Text message: Receive 2FA authentication codes via SMS.
    • Voice message: Receive 2FA authentication codes via an automated voice call.
  • Users enabling 2FA for the first time will be required to go through a one-time login and verification process with your new 2FA method of choice.

 

Enabling 2FA for Your Entire Project 

  • Access the Project Settings page in Console.
  • If the User Settings page is gray, you may need to re-authenticate. Click Authenticate to make changes at the bottom of the screen, and then verify your credentials again to continue
  • Scroll to the “Require Two-Factor Authentication (2FA)” section, and then select the desired 2FA level. Click Save to save your selection.
    • Disabled: No 2FA verification required.
    • Once per computer: Request verification to validate a single computer every 30 days.
    • Every log-in: Request verification every login attempt.
  • After enabling 2FA on a project, you may be asked to verify the phone number where you will receive your verification code. Phone numbers may be verified through SMS messaging or voice calls. If you are having trouble verifying your phone number with one method, try the other.

The next time a user logs in to Twilio and accesses this project, they will be automatically enrolled in 2FA and can select the method of their choice.

Recovery Code and Availability

According to Twilio, “Once you’ve completed this process, you will receive a recovery code. This code is extremely important; be sure to write it down, and store it in a very safe place. In the case that you lose your phone, the recovery code will allow you to log in to your project instead of using the six-digit verification code that is sent to your phone.” 
Meaning, you do not want to lose this code!

Should I use the app or my cell phone? 

This is more of a personal choice. But, let’s look at the pros and cons. 
With your phone, all you need is a quick text message or phone call. The downside is, if your phone is dead, lost, or you don’t have service, you might be out of luck. 
By using an authenticator app, you have more control over how you can access your account when you need to. Using the app, you don’t have to worry about a dead phone as much if you can access it on another device. Just make sure you know your login, that’s what’s holding you back. 

The Importance of Staying Secure

Eliminate risk in your projects by setting up Multifactor 2FA authorization whether your account is paid or not. 
Then, consider setting it up on any other accounts you may use for business and personal accounts. You never know who or what could be trying to take advantage of your private information.
At VoiceNation, we pride ourselves on our dedication to client security as well. With our mobile app for our live answering services, we ask our clients to use their phone number as a form of 2FA, keeping their account safe, secure, and in their hands only. 

Interested in learning more about our mobile app and security features for live answering? Contact one of our VoiceNation experts today!