Looking to keep your account secure? Follow these recommended best practices to make sure your information stays safe.
Plivo console security (for https://console.plivo.com)
- Choose a strong password that includes at least 12 characters: uppercase, lowercase, special characters, and numbers.
- Enable two-factor authentication on your Plivo account.
- Leverage role-based access controls when adding new users to the account.
- Don't use a group email address when registering a new account. We strongly recommend using an individual email for your Plivo account signup.
- Use an email account that's monitored regularly so that you receive alerts and security notifications in a timely manner.
- Auth ID and Auth Tokens are required to trigger SMS messages and voice calls. Auth Tokens should be treated as highly confidential as passwords and should not be published on open source platforms such as GitHub.
SMS security
- Enable Geo Permission under SMS > Settings > Geo Permissions to whitelist countries in which your users receive SMS notifications from you.
- Enable the setting Authorization To View SMS/MMS Content under SMS > Settings > Other Settings to authorize the Plivo customer success team to view your SMS content, help you debug, and detect fraud activity more effectively.
- Always redact incoming messages when creating a new application. Go to SMS > Applications > Add new application > Redact Incoming Messages to do that.
Voice security
- Enable Geo Permission under Voice > Settings > Geo Permissions to whitelist countries in which your users receive voice calls from you.
Zentrunk security
- When creating a password for your trunk, choose a strong password that includes at least 8 characters: uppercase, lowercase, special characters, and numbers.
- Only whitelist the IP addresses from your PBX and be sure to update these addresses if the PBX IP addresses changed.