If you are having long delivery times from your SMS provider there is an alternative mode that you can run the SMS feature in that would, in 99% of logins, remove the need for the password to be send within a minute or two.

By default the SMS expiry mode is set to ‘Send password at logon’, this is when you authenticate and the password is dispatched as you logon, this is where the delivery time becomes an issue. There is a secondary mode you can set to ‘Send password before logon and then expire’, in this mode the password will be sent before the user even logs on, this means that the password is set and available when the user is logging in, once the user has logged in the password will expires and a new password for the next logon is sent.

This does mean that you need to make sure your users do not delete the new password for the next session after they have logged in. It may be wise to change the text in the delivered message to make it clear that the password is for the next logon.

Both the mode and the message text can be set in System Configuration > Security > OTP.