SMS-based multi-factor authentication is not currently available in Zenovay. We recommend using an authenticator app (TOTP) or a hardware security key (WebAuthn) to secure your account.
Why SMS MFA Is Not Available
SMS verification is widely recognized as the weakest form of MFA due to several security risks:
- SIM swapping attacks: Attackers can convince carriers to transfer your phone number
- SMS interception: Messages can be intercepted in transit
- Carrier delays: Codes may arrive late or not at all, especially internationally
- No offline support: Requires cell signal to receive codes
For these reasons, Zenovay focuses on providing more secure MFA methods.
Recommended Alternatives
Authenticator App (TOTP)
The best option for most users:
- Works offline (no cell signal needed)
- Resistant to SIM swapping and interception
- Free apps available on all platforms
- Quick 6-digit code entry
Popular authenticator apps:
- Google Authenticator (iOS, Android)
- Authy (iOS, Android, Desktop)
- 1Password (All platforms)
- Microsoft Authenticator (iOS, Android)
- Bitwarden (All platforms)
See Setting Up TOTP for a step-by-step guide.
Security Keys (WebAuthn)
The most secure option:
- Phishing-resistant hardware authentication
- No codes to enter -- just touch your key
- Supports USB, NFC, and Bluetooth
- Works with YubiKey, Google Titan, and others
See Setting Up WebAuthn for details.
Migrating from Other Services
If you're used to SMS-based MFA from other services, setting up an authenticator app is straightforward:
- Install an authenticator app on your phone
- Go to Settings -> Security in your Zenovay dashboard
- Click Enable Multi-Factor Authentication
- Select Authenticator App
- Scan the QR code with your app
- Enter the verification code to confirm
The entire process takes about 2 minutes.