Posting here since it might prompt more of a reaction than the email I sent to customer services.
I have 2 PayPal accounts, one for my business and one for personal use. I enabled MFA on the business account and now get an SMS message sent to my phone when I log into the account - ignoring the fact that the use of SMS in this way is now considered a weak form of 2FA (see https://www.howtogeek.com/310418/why-you-shouldnt-use-sms-for-two-factor-authentication/) this is still better than nothing. However PayPal will not let me add the same number to my personal account - it is already in use - very reasonable when you think about it BUT (and here is the rub) there is NO alternative MFA option offered on PayPal. I would be happy to use an Authenticater app and I have a Ubikey I could use to name but two, but no, PayPal, a financial company, only offers the weakest version of MFA to its customers.
Personally I think this is poor for any company to whom I trust my personal data to but it is a serious failing for one that has access to my bank and credit card accounts and will allow me (or someone who compromises my account) to run up credit.
And to add cap it all, my polite query to customer services a month ago has resulted in zero response. I strongly suspect this is motivated by making the "click to checkout via PayPal" process as simple as possible to encourage more of us to use it - can't have the speed at which we can be parted from our money being hampered by small concerns such as our personal security can we?
Time to find an alternative I think.
