“For the ninth day of the 12 Days of 2FA, we’ll look at how to enable two-factor authentication on PayPal. No matter where on the web you are doing your last-minute online holiday shopping, you are likely to run into the option to pay with PayPal. PayPal calls 2FA and the associated verification codes “Security Keys.” This can be confusing if you think of security keys as hardware 2FA devices like YubiKeys. Regardless of the naming, the idea and execution are the same as other services we have looked at: if signing in requires something you have (like your phone) as well as something you know (your password), then your account has an added layer of protection. PayPal offers 2FA via text messages or via Symantec’s VIP (Validation & ID Protection) authenticator app. Authenticator apps are more secure and avoid a lot of the downfalls of SMS. However, SMS is more practical if you do not use a smartphone. Consider your threat model and choose the best mode for you. (If you use the PayPal mobile app, note that PayPal mobile is only compatible with text messages.)…”
Sorry, comments are closed for this post.