merixstudio
Twilio/SMS should support counter based codes
SMS based codes should be unique each time they are generated by using a counter as part of the code generation. Each time a code is generated the counter increases. This means each code will be different. A validity period would generally not longer be applicable here (leave that up to the app user). Only the most recent code will validate true.
I think this is standard when it comes to SMS 2FA codes. If trench already supports this please link me to the documentation, otherwise this would be a great feature to add either as a default or configurable setting (with the counter being null and unused on the MFA method model if the setting is toggled off).
Ref: https://pyauth.github.io/pyotp/#counter-based-otps.
