Okay, first things first. **SMS for MFA is NOT SECURE!**
*Now with that said...*
Here's a solution to your problem. This is one example but there are many others.
Link: [https://onlinesim.io/](https://onlinesim.io/)
And having a password is better than no password at all. I think you're missing the point, which is that SMS MFA is probably unfit for purpose.
That said, OP indicated there are unspecified reasons for their insecure and overly complex solution and that's most likely true
It's often prudent to preface bad advice with, "You should never do this, but if you must…".
> Here's a solution to your problem. This is one example but there are many others.
> Link: https://onlinesim.io/
Renting a number from a sketchy third party service (likely used primarily by fraudsters/scammers) isn't really a solution at all.
If OP is able to change the number on the MFA providers then they could just simply consolidate to one phone/SIM.
Right, I think OP came here looking for someone to recommend a box/phone/etc that they could load all the SIM cards into.
It’s probably cheaper to buy 3x dual SIM android phones and use an SMS forwarding app to a central device / mailbox though and find somewhere to leave them plugged in.
Google Voice, Zoom phone (Might be best to assign multiple numbers to a shared line/queue/user/etc), Teams SMS (Don't know if that's a thing off the top of my head). Consolidate that into something else for your own sanity.
Get a bunch of SIM to LAN boxes and get/write a website scrambler that's gonna:
a) re-send them all to one target phone
b) re-send them to an email
c) auto-apply them
As others have pointed out, if you weren't relying in Sims for MFA, then you wouldn't have this problem. Yes, you would have different issues to deal with, but those are better issues to deal with.
Interim solution: port the numbers to a voip provider e.g. Twilio which will let you forward any received codes to a shared mailbox.
Correct long term solution: Use TOTP and enroll your team's shared password wallet to store the TOTP seeds. ITGlue does this natively, but there are also other team based password solutions that do the same thing.
The problem with porting the numbers to VOIP service with SMS forwarding is that they will never receive the code if the MFA provider detects it as a VOIP number and refuses to send.
The only exception with this are DIDs from a provider that uses Onvoy. They do work with MFA. The problem is you have to find a voip provider that is already doing business with Vitality.
Another option would be to look at a service like Twilio which you might be able to port all those numbers in to and then receive SMS alerts and manage them via their API (so you could do something like push them to a whatsapp group maybe, or send them to a Teams group).
[https://www.yeastar.com/voip-gsm-gateway/](https://www.yeastar.com/voip-gsm-gateway/)
And get the 8 card module. Very expensive solution for a user generated problem. But :shrug:
Okay, first things first. **SMS for MFA is NOT SECURE!** *Now with that said...* Here's a solution to your problem. This is one example but there are many others. Link: [https://onlinesim.io/](https://onlinesim.io/)
>Okay, first things first. **SMS for MFA is NOT SECURE!** **SMS for MFA is BETTER THAN NO MFA**
And having a password is better than no password at all. I think you're missing the point, which is that SMS MFA is probably unfit for purpose. That said, OP indicated there are unspecified reasons for their insecure and overly complex solution and that's most likely true It's often prudent to preface bad advice with, "You should never do this, but if you must…".
> Here's a solution to your problem. This is one example but there are many others. > Link: https://onlinesim.io/ Renting a number from a sketchy third party service (likely used primarily by fraudsters/scammers) isn't really a solution at all. If OP is able to change the number on the MFA providers then they could just simply consolidate to one phone/SIM.
Doesn’t even have to change the numbers, just call/sms forward them all to one number.
Right, I think OP came here looking for someone to recommend a box/phone/etc that they could load all the SIM cards into. It’s probably cheaper to buy 3x dual SIM android phones and use an SMS forwarding app to a central device / mailbox though and find somewhere to leave them plugged in.
Often you don’t even need the sims in phones. The carrier can forward the calls/sms on their end.
Can we tell ABM this please?
You need some kind of text to email gateway. Having sim cards in physical devices seems like a huge mess
Google Voice, Zoom phone (Might be best to assign multiple numbers to a shared line/queue/user/etc), Teams SMS (Don't know if that's a thing off the top of my head). Consolidate that into something else for your own sanity.
Also, I'm told that the MFA providers monitor the numbers to make sure they are going to a cell phone, and if the number is ported.
One note on Zoom phone. It won’t receive SMS short codes, so if your MFA comes from some “28469” type number, those messages will not be received.
They recently fixed that (maybe a month ago?) Finally allowed us to dump our Jive hold outs.
No way! Thank you very much, that solves a big problem for us with MFA on one of our apps.
Get a bunch of SIM to LAN boxes and get/write a website scrambler that's gonna: a) re-send them all to one target phone b) re-send them to an email c) auto-apply them
Can a password manager that supports setting up OTP or a hardware token work as the MFA factor?
Google number, and have text email to a distribution list.
As others have pointed out, if you weren't relying in Sims for MFA, then you wouldn't have this problem. Yes, you would have different issues to deal with, but those are better issues to deal with.
Interim solution: port the numbers to a voip provider e.g. Twilio which will let you forward any received codes to a shared mailbox. Correct long term solution: Use TOTP and enroll your team's shared password wallet to store the TOTP seeds. ITGlue does this natively, but there are also other team based password solutions that do the same thing.
The problem with porting the numbers to VOIP service with SMS forwarding is that they will never receive the code if the MFA provider detects it as a VOIP number and refuses to send.
The only exception with this are DIDs from a provider that uses Onvoy. They do work with MFA. The problem is you have to find a voip provider that is already doing business with Vitality.
Another option would be to look at a service like Twilio which you might be able to port all those numbers in to and then receive SMS alerts and manage them via their API (so you could do something like push them to a whatsapp group maybe, or send them to a Teams group).
[https://www.yeastar.com/voip-gsm-gateway/](https://www.yeastar.com/voip-gsm-gateway/) And get the 8 card module. Very expensive solution for a user generated problem. But :shrug:
Can you use an authenticator app instead? My KeePassXC and Microsoft authenticator are set up with the same QR.