diff --git a/app/Http/Controllers/AccountController.php b/app/Http/Controllers/AccountController.php
index 52a2d8532962..ce9e4918713f 100644
--- a/app/Http/Controllers/AccountController.php
+++ b/app/Http/Controllers/AccountController.php
@@ -65,6 +65,25 @@ class AccountController extends BaseController
 */
 public function store(CreateAccountRequest $request)
 {
+
+ if(config('ninja.cloudflare.turnstile.secret')) {
+ $r = \Illuminate\Support\Facades\Http::post('https://challenges.cloudflare.com/turnstile/v0/siteverify', [
+ 'secret' => config('ninja.cloudflare.turnstile.secret'),
+ 'response' => $request->input('cf-turnstile-response'),
+ 'remoteip' => $request->getClientIp(),
+ ]);
+
+ if($r->successful()){
+
+ if($r->json()['success'] === true) {
+ // return response()->json(['message' => 'Captcha Success'], 200);
+ } else {
+ return response()->json(['message' => 'Captcha Failed'], 400);
+ }
+ }
+
+ }
+
 $account = (new CreateAccount($request->all(), $request->getClientIp()))->handle();
 if (! ($account instanceof Account)) {
 return $account;
diff --git a/app/Http/Controllers/TwilioController.php b/app/Http/Controllers/TwilioController.php
index 61cff61ff31c..34763957425d 100644
--- a/app/Http/Controllers/TwilioController.php
+++ b/app/Http/Controllers/TwilioController.php
@@ -144,6 +144,9 @@ class TwilioController extends BaseController
 */
 public function generate2faResetCode(Generate2faRequest $request)
 {
+ nlog($request->all());
+ nlog($request->headers());
+
 $user = User::where('email', $request->email)->first();
 if (!$user) {
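Review bot: The Turnstile gate added to store() fails open: when the siteverify call is not successful() (timeout, 5xx, connection error) the code falls through to CreateAccount, so an outage of the verification endpoint silently disables the captcha for every sign-up; the inner branch also reads `$r->json()['success']` through a null-offset access if the body is not JSON, and leaves an empty success branch holding commented-out code. Collapse the nested conditionals into one negative guard that rejects both cases: `if (! $r->successful() || $r->json('success') !== true) {` / `return response()->json(['message' => 'Captcha Failed'], 400);` / `}`. If sign-ups are meant to continue during a verification outage, that should be an explicit decision with a log line rather than a side effect of the control flow. The remainder of store() lies outside the hunk.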
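Review bot: The two nlog() calls at the top of generate2faResetCode() write the complete request body and every request header to the application log on a route that routes/api.php in this same commit declares outside the token_auth group, so the submitted email and whatever headers a client sends (cookies, bearer tokens, forwarded-for chains) land in log storage and any log-shipping pipeline. Remove them, or reduce to a payload-free marker such as `nlog('2fa reset code requested');`. Separately, `$request->headers()` does not look like a method on the Laravel request object (the header bag is the `headers` property and `header()` reads a single value), so the second line may throw on every call; worth confirming against the framework version in use. The method body continues past the hunk.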
@@ -154,6 +157,11 @@ class TwilioController extends BaseController
 return response()->json(['message' => 'Please verify your email address before verifying your phone number'], 400);
 }
+
+ if(!$user->first_name || !$user->last_name) {
+ return response()->json(['message' => 'Please update your first and/or last name in the User Details before verifying your number.'], 400);
+ }
+
 if (!$user->phone || $user->phone == '') {
 return response()->json(['message' => 'User found, but no valid phone number on file, please contact support.'], 400);
 }
diff --git a/config/ninja.php b/config/ninja.php
index aade77cb0f13..b1fb25d661a0 100644
--- a/config/ninja.php
+++ b/config/ninja.php
@@ -228,5 +228,10 @@ return [
 'secret' => env('PAYPAL_SECRET', null),
 'client_id' => env('PAYPAL_CLIENT_ID', null),
 'webhook_id' => env('PAYPAL_WEBHOOK_ID', null),
+ ],
+ 'cloudflare' => [
+ 'turnstile' => [
+ 'secret' => env('CLOUDFLARE_SECRET', null),
+ ]
 ]
 ];
diff --git a/routes/api.php b/routes/api.php
index a559d65e8e7c..9c00aaf92637 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -360,7 +360,7 @@ Route::group(['middleware' => ['throttle:api', 'api_db', 'token_auth', 'locale']
 Route::post('settings/enable_two_factor', [TwoFactorController::class, 'enableTwoFactor']);
 Route::post('settings/disable_two_factor', [TwoFactorController::class, 'disableTwoFactor']);
- Route::post('verify', [TwilioController::class, 'generate'])->name('verify.generate')->middleware('throttle:100,1');
+ Route::post('verify', [TwilioController::class, 'generate'])->name('verify.generate')->middleware('throttle:3,1');
 Route::post('verify/confirm', [TwilioController::class, 'confirm'])->name('verify.confirm');
 Route::resource('vendors', VendorController::class); // name = (vendors. index / create / show / update / destroy / edit
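Review bot: The new first/last-name guard returns yet another distinct 400 message on a route that routes/api.php in this commit places outside the token_auth group, after $user has been fetched by the caller-supplied email; together with the existing not-found, unverified-email and no-phone responses this lets an unauthenticated caller tell apart several profile states for an arbitrary email address. Keep the check, but answer every pre-send failure with one generic message and record the specific reason server-side, e.g. `nlog('sms_reset: user profile incomplete');` followed by `return response()->json(['message' => 'Unable to send a reset code for this account.'], 400);`. The method starts and ends outside this hunk.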
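Review bot: The tightened throttle:3,1 is applied only to verify, where the code is generated; verify/confirm on the following line, where the submitted code is actually checked, still carries nothing beyond the group-level throttle:api, so the limit that matters for guessing resistance is unchanged by this commit. Apply the same limiter there: `Route::post('verify/confirm', [TwilioController::class, 'confirm'])->name('verify.confirm')->middleware('throttle:3,1');`. Whether throttle:api is already strict enough for that route depends on the limiter definition, which is outside this diff.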
@@ -403,8 +403,8 @@ Route::group(['middleware' => ['throttle:api', 'api_db', 'token_auth', 'locale']
 Route::post('api/v1/yodlee/status/{account_number}', [YodleeController::class, 'accountStatus']);
 });
-Route::post('api/v1/sms_reset', [TwilioController::class, 'generate2faResetCode'])->name('sms_reset.generate')->middleware('throttle:10,1');
-Route::post('api/v1/sms_reset/confirm', [TwilioController::class, 'confirm2faResetCode'])->name('sms_reset.confirm')->middleware('throttle:20,1');
+Route::post('api/v1/sms_reset', [TwilioController::class, 'generate2faResetCode'])->name('sms_reset.generate')->middleware('throttle:3,1');
+Route::post('api/v1/sms_reset/confirm', [TwilioController::class, 'confirm2faResetCode'])->name('sms_reset.confirm')->middleware('throttle:3,1');
 Route::match(['get', 'post'], 'payment_webhook/{company_key}/{company_gateway_id}', PaymentWebhookController::class)
 ->middleware('throttle:1000,1')
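Review bot: Both sms_reset routes sit outside the group closed by the `});` above them, so throttle:3,1 is their only rate limit and, with no authenticated user on the request, Laravel keys it by client IP; the confirm route therefore bounds attempts per source address rather than per account, while 3 per minute also locks a legitimate user out after two typos. Consider registering a named limiter with RateLimiter::for that keys on the submitted email with the IP as fallback and referencing it on both routes as `->middleware('throttle:sms_reset')` (name constructed here), so retries are bounded per target account independently of where they originate. That would also replace the three copies of the literal `'throttle:3,1'` now spread across this file with one definition.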