As the organiser of the Oman Go community, I rely on SendGrid to send out notifications about upcoming events. Although SendGrid enforces Two-Factor Authentication (2FA) via the Authy app, I prefer to use 1Password for managing my codes. Consequently, my options were to disable 2FA entirely or receive codes via SMS messages to my mobile number. I chose the latter despite potential security concerns.
Today, I encountered a rather frustrating situation when trying to log into my account. Let me recount the series of events:
- After entering my username and password, I was prompted for a 2FA code.
- The code did not arrive immediately, so I waited for a while, anticipating a delayed SMS.
- After 30 seconds, I clicked the text to resend the SMS, only to receive an error message: “App unable to send SMS at this time.”
The irony of a message delivery platform being unable to send a message was not lost on me. I decided to investigate further and headed to the support page for troubleshooting 2FA issues.
To my surprise, I was required to sign in to submit a support request.
This brought me back to square one, stuck at the 2FA prompt.
Upon examining the JSON response when requesting a new code, I discovered that SMS delivery to Oman had been blocked:
"message": "delivery blocked: The destination phone number has been blocked by Verify Geo-Permissions. OM is blocked for sms channel for all services"
This was baffling, as I had successfully set up 2FA with SMS delivery when I first registered my account.
In conclusion, my experience with SendGrid’s 2FA process has been less than optimal. While I understand the importance of security measures, the inability to access my account and the lack of clear communication regarding the SMS delivery blockage have been disheartening. I suggest that SendGrid consider implementing the standard Time-based One-Time Password (TOTP) method for creating and sending 2FA codes. This would not only simplify the authentication process but also provide a more reliable and user-friendly experience.