Time-Based One-Time Passwords for Phone Support

Cloudflare has introduced phone authentication for Enterprise customers to enhance their support experience over the phone without compromising account security. Customers can now verify their identity during a call by providing a token generated from the Cloudflare dashboard or via a 2FA app like Google Authenticator. This feature is available to eligible Enterprise customers and can be configured through the Cloudflare dashboard or an authenticator app. The system generates single-use tokens using RFC 6238 compliant time-based one-time passwords, ensuring secure authentication during phone calls. Future improvements include giving users the ability to request a callback from a support agent within the Cloudflare dashboard.