FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Handling Twilio SMS 'STOP' Opt-Outs in FusionAuth MFA Workflows

    Scheduled Pinned Locked Moved Solved
    Frequently Asked Questions (FAQ)
    mfa
    1
    2
    153
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wesley
      last edited by

      When using Twilio for Multi-factor Authentication with SMS, there is a built-in functionality that if a user replies "Stop" to a text, all future communication for that number is blocked. If this happens, the user will no longer be able to receive a code to log-in. What is the best way to work around this?

      W 1 Reply Last reply Reply Quote 0
      • W
        wesley @wesley
        last edited by

        This is a known issue with Twilio’s SMS service. A good approach is to use a dedicated Twilio phone number only for MFA codes, and another number for other notifications so users are less likely to reply with “STOP.” Alternatively, you could switch to other MFA methods like TOTP, using apps such as Google Authenticator or Authy, or use email-based MFA. Keep in mind that once a user sends “STOP,” Twilio blocks all future messages until they opt back in by texting “START.” Educating users not to reply “STOP” to MFA messages is also helpful.

        1 Reply Last reply Reply Quote 0
        • W wesley marked this topic as a question
        • W wesley has marked this topic as solved
        • First post
          Last post