> Twilio has also been emailing me the past few months telling me I must turn on 2FA on my account. This is weird since I have TOTP enabled.
There's been a bit of confusion about this email: you can turn on 2FA separately for your Twilio account (identified by a 32-char hex string prefixed with "AC") and your user account (your email address). The email is talking about your user account. Even if you have 2FA turned on for your Twilio account, the email is asking you to turn it on for your user account.
For some context for those who may not be familiar: the Twilio account is essentially a billing/project unit that is a container for Twilio resources you've purchased or configured. Multiple user accounts can have access to a single Twilio account, and a single user account can have access to multiple Twilio accounts. Enabling 2FA on the Twilio account means all users who want to sign into that account (regardless of their user account setting) will have to use 2FA. Similarly, enabling 2FA on your user account will require 2FA whenever you sign in, regardless of the settings on any accounts you may have access to.
(Source: I work there, got confused about this email myself, and managed to clarify internally what was going on.)
There's been a bit of confusion about this email: you can turn on 2FA separately for your Twilio account (identified by a 32-char hex string prefixed with "AC") and your user account (your email address). The email is talking about your user account. Even if you have 2FA turned on for your Twilio account, the email is asking you to turn it on for your user account.
For some context for those who may not be familiar: the Twilio account is essentially a billing/project unit that is a container for Twilio resources you've purchased or configured. Multiple user accounts can have access to a single Twilio account, and a single user account can have access to multiple Twilio accounts. Enabling 2FA on the Twilio account means all users who want to sign into that account (regardless of their user account setting) will have to use 2FA. Similarly, enabling 2FA on your user account will require 2FA whenever you sign in, regardless of the settings on any accounts you may have access to.
(Source: I work there, got confused about this email myself, and managed to clarify internally what was going on.)