New to the community? Welcome! Please read our Community Rules and Guidelines
In 2FA setting, does PayPal provide backup codes, just in case of phone / authenticator loss?
Thanks for reaching out! PayPal wouldn't necessarily offer any kind of backup codes since a new one is generated every 30 seconds. If you were to lose your phone / authenticator, you would need to reach out to our Customer Support to disable that 2FA method.
- Jon K
Hello @PayPal_JonK - I have additional question to this topic then - considering that 2FA's purpose is adding another level to the basic login credentials, how does PayPal prevent a scenario when my login credentials are already leaked (not the core of my question) and the one who happens to get my leaked credentials call PayPal Customer Support to disable the 2FA? How would Customer Support confirm the identity of the caller?
I think the common practice of services providing a limited number of static backup codes for cases of losing the device with the code generating app (they usually have more digits) when activating 2FA is useful because it's still another level of security. While calling a customer support to just turn the 2FA off seems like the weakest link of the security to me, making the whole system actually not that secure. Is that not so?