MFA - SMS

Using SMS as an authentication factor means that the end user is sent a code via SMS when attempting to authenticate with your application. They will have to enter this code to complete the transaction, implying that in addition to knowing their login information, they also have possession of the device.

End user experience

SMS End User 1

After signing up, and entering a country code and phone number, the user will receive a six digit code to their device. They need to enter this code into the box in order to authenticate.

SMS End User 2

Your users must have a device capable of receiving SMS messages to use this option. If users can't receive SMS messages, they will not be able to sign-up with this factor. If they already enrolled with SMS and don't have the device, they will need to use their recovery code to complete the MFA flow.

Administrative setup

In order to set up SMS, you will need to click on the SMS factor in the Dashboard and configure an SMS provider such as Twilio to enable you to send SMS messages to your users. You can also customize your SMS notification templates.

MFA SMS Settings