SMS as an MFA verification method is now deprecated

Change effective on 16 June 2022

Heroku has deprecated the use of SMS as a backup option or verification method for all users.

Legacy Heroku two-factor authentication (2FA) configuration encouraged users to add SMS as a backup. Users with legacy 2FA SMS backups were automatically migrated to new Heroku Multi-Factor Authentication (MFA) and with their SMS as an MFA verification method.

These migrated SMS verifiers have been removed. Users are no longer able to use SMS as a verification method.

Users should ensure that they have another MFA verification method such as recovery codes configured as backup if your usual MFA verification method is not available.

No action is required for users who do not have an SMS verifier enabled.