cancel
Showing results for 
Search instead for 
Did you mean: 

Enable 2FA on an account

SOLVED
Highlighted
Moderator

Re: Enable 2FA on an account

Hello @ekrueger,

 

Business accounts can setup the 2FA authentication by clicking on Settings (Gear Icon) and then "Security Key" under "Login & Security".

 

Cheers,

 

 - Jon K


If you find this or any other post was helpful, make our community better by giving kudos or accepting it as a solution.
Contributor

Re: Enable 2FA on an account

@PayPal_JonK Are you actually reading our comments? It would appear not.

 

We are asking for 2FA that uses an AUTHENTICATOR APP because SMS is insecure and we don't want yet another, PayPal-branded hardware security token when we all have mobile devices that already support authenticator apps.

Moderator

Re: Enable 2FA on an account

@cbj4074,

 

I'd be happy to clarify further. After selecting "Update" next to "Security Key", you'll see the option to use / enter your mobile number or you can select "Activate a new security key token". Click that, then jump over to your phone and download the VIP Access app.

 

The VIP Access app can be downloaded via Google Play Store or Apple App Store. From there, you'll see the serial number to use and follow the instructions from there back on your computer. 

 

Once activated, you'll use that app to generate a new 6 digit code to be used at every login.

 

Best of luck!

 

 - Jon K


If you find this or any other post was helpful, make our community better by giving kudos or accepting it as a solution.
Contributor

Re: Enable 2FA on an account

Which only "sorta" works.

That app provides a serial number that is usable for a single account, so we're back to a situation where you can secure 1 account and not multiple accounts.   What's really crazy about this is that Paypal already enabled authenticator apps for personal accounts, and if you'd just do the same thing here, then there'd be unlimited account support, and significantly better account security and ease of use.

 

-Erick

Contributor

Re: Enable 2FA on an account

@PayPal_JonK Thank you for clarifying, and I appreciate your patience and level-headed tone, despite my apparent frustration with the status quo.

 

The VIP Access app is certainly better than nothing, and until you explained how to enable it in your previous post (for which I gave you kudos), it was in no way apparent that one is able to use a mobile device in lieu of needing a PayPal-branded security card or token.

 

The page in question (pictured below) should be modified to explain that!

 

paypal-security-token-setup.png

 

Out of curiosity, why doesn't PayPal simply extend the multi-app authenticator (e.g., Google Authenticator, Microsoft Authenticator, etc.) support to Business accounts, as it has for Personal accounts, as @ekrueger suggests? Is there some technical reason for which doing so is infeasible?

New Community Member

Re: Enable 2FA on an account

This "VIP Access app" you mention is made by Symantec.

For the love of Pete, no one I know would even consider installing their software.

Does Paypal not provide/sell the card and/or dongle shown on the web page?

 

Better yet, I would like to use my YubiKey or Titan.

 

Please advise.

 

Sláinte,

Pad

Member

Re: Enable 2FA on an account

Actually authenticator apps aren't that secure anymore either.

For best security practices a hardware token like a yubikey is now recommended.

They have NFC enabled ones now that takes the PITA out of it.

Contributor

Re: Enable 2FA on an account

@Garbunkle Are you able to provide a citation that explains why Authenticator-style apps are no longer viable? Thanks!

Moderator

Re: Enable 2FA on an account

@cbj4074,

 

No worries at all! I'm glad I can help. I definitely agree that page should be updated / modified to explain what authentication apps can be used. I'll make sure to pass your feedback on. Thank you!

 

@ekrueger,

 

I hear you. We definitely want to be as convenient as possible, but we also have to try to be as secure as possible. That being said, this is great feedback as well. We appreciate it and we hear you all loud and clear. I'm sure there's a solution down the road that walks that fine line of safety and convenience for multi-account / multi-app 2FA. I hope that VIP Access app helps out  for now. Keep your ear to the ground in the meantime. 

 

Thanks again and have a great day!

 

 - Jon K


If you find this or any other post was helpful, make our community better by giving kudos or accepting it as a solution.
Contributor

Re: Enable 2FA on an account

@PayPal_JonKI installed the VIP Access app. I didn't realize that it's a Symantec product, and not PayPal's home-brewed solution. That makes me feel (only marginally) better. 😉

 

In any case, there are no real "instructions" to speak of in the app itself. Specifically, it's not clear what value needs to be entered into the "Serial number" field in the PayPal interface (of which I provided a screenshot in my previous post). Is this the "CREDENTIAL ID" that appears at the top of the VIP Access app interface? Or some other value?

 

I've tried entering the full value, e.g., "SYMC XXXX XXXX" (there are 8 numeric digits in place of those Xs) and then the 6-digit code, followed by the next 6-digit code that appears within 30 seconds of the first, and I get:

 

We're sorry. There's been an intermittent communication problem. Please try again later.

We were unable to authenticate the 6-digit codes you entered. Please contact PayPal Customer Service for help with activating your PayPal Security Key.

 

Am I missing something? If all of this is described in the documentation somewhere, a link would be most helpful.

 

Thanks again.