PayPal Two-Factor Authentication with Hardware Security Key

PayPal two-factor authentication became available to users in far 2007. Everybody wishing to protect their PayPal login could order a $5 security token directly from their account.

Unfortunately, later the company discontinued the use of its own hardware tokens in favor of SMS-based authentication, decreasing PayPal security considerably. But the situation with PayPal two-factor authentication is changing once again, for the better now:

  1. Since 2018, you can use MFA applications to log into PayPal (Google Authenticator, Protectimus Smart, etc.)

How do I enable PayPal 2FA?

Step 1

To activate two-factor authentication in PayPal sign in your account and navigate to the settings menu.

Step 2

Choose the Security tab.

Step 3

In the “2-step verification” section, click Set Up.

Step 4

At this point, you’ll need to choose one of the available two-factor authentication methods: SMS or MFA application. Programmable hardware tokens can be linked with PayPal as MFA applications.

  • SMS. When you choose SMS authentication, you’ll need to provide a real phone number. You’ll instantly receive a message containing a PayPal security code to confirm the number is correct. We don’t recommend using SMS if you’re able to set up a 2FA app instead or order a hardware token for use with PayPal.

Step 5

  • If you haven’t already installed a one-time password generator app, install a free app Protectimus SMART OTP or any other 2-factor authentication app.

At this point, you’ll see a QR code containing the secret key. Scan this secret key using a two-factor authentication app, or using the Protectimus TOTP Burner app if you’re linking a hardware PayPal security key Protectimus Slim NFC. If you aren’t able to scan the QR code, you can input the secret key manually.

You’ll find detailed instructions for programming the secret key into the Protectimus Slim NFC token here.

Step 6

To finish setting up PayPal 2-factor authentication, generate a one-time password with your token and enter it in the provided field.

Step 7

Create a backup token. If you lose access to your current token, you can restore access to PayPal with your backup token. Remember that if you choose SMS authentication for backup, your PayPal account login will be less secure, even if you linked a hardware security key in the previous step. The best option is to use a hardware token as your main means of authentication and a 2FA PayPal app as a backup, or the other way around.

| Read also: How to Backup Google Authenticator or Transfer It to a New Phone

Continue reading on Protectimus Blog:

Two-factor authentication solutions for business. Secure your organization’s and user’s data with MFA: