cancel
Showing results for 
Search instead for 
Did you mean: 

Google Authenticator

New Community Member

Google Authenticator

Hi everybody!

I saw several messages asking this same question, but I didn't find any positive answer:

When will it be possible to use Google Authenticator for connecting to PayPal?

It's becoming more and more critical and urgent since SS7 protocol has been compromised and no serious security can any more rely on SMS!

Thank you.

16 REPLIES
New Community Member

Re: Google Authenticator

SMS text messages are NOT SECURE!!!! e.g. https://techcrunch.com/2016/07/25/nist-declares-the-age-of-sms-based-2-factor-authentication-over/

 

(Voice phone calls may be a little bit more secure than SMS text messages, but not much.)

 

Please, PayPal, support some widely available 2-Factor-Authentication standard - like the TOTP used by Google Authenticator and many similar apps.

 

 

---

 

If TOTP using applications such as Google Authenticator is available, then ... I have not been able tio find it.  Certainly not on my computer account.  

 

Some of your web pages suggest that some non-SMS form of 2FA is available (possibly for business accounts but not consumer accounts?) but https://www.paypal.com/myaccount/settings/securitykeys/add only mentions SMS.

 

---

 

It appears that PayPal's only alternative 2FA to SMS is Symantec VIP Access.  Given Symantec's extremely lax security wrt certificates, I for one do not want to trust Symantec in any way.

New Community Member

Re: Google Authenticator

Hello,

 

+1, I am adding my voice to raise this issue. The 2 factor authentication throught a standard TOTP app should be on Paypal's top priority list, especially since its main activity is handling people's money! And please, do not require users to install a proprietary app, we should be able to use any standard TOTP app (I am fan of the "Authenticator Plus" app).

It looks like Paypal is not taking security seriously and is not doing is best to protect our accounts/money as it should be.

New Community Member

Re: Google Authenticator

Customers have been asking PayPal for Authenticator for years... I stunned this is still an issue with PayPal.    Here's a Verge report on how SMS is NOT SECURE.  https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin

 

Pleease add Authenticator ASAP

Tags (2)
Moderator

Re: Google Authenticator

Hello EuroTrash76,

 

Thank you for your feedback.

 

We appreciate hearing new thoughts and ideas from valued customers. By giving us your feedback, you are helping us to understand what we do well, and what we need to focus on improving. We will be sure to pass this along to make sure that the correct set of eyes takes a look at this.

 

Thanks!

Tags (1)
New Community Member

Re: Google Authenticator

Please do pass it on, Google Authenticator is superior in every way and much safer than text messages.

New Community Member

Re: Google Authenticator

Ading in my voice for the open, TOTP (time-based, one time password) standard such as Google Authenticator, Authy, LastPass Authenticator, etc.  SMS can be intercepted/hacked, and requires sensitive info be sent unencrpyted every time. TOTP sends the key once, then combines it with the time every 30 seconds for a new, endless supply of codes.  Get serious about keeping our money safe, Paypal! 

 

New Community Member

Re: Google Authenticator

This request has been hanging out there for years. I find it baffling that it hasn't been implemented yet. Can you please explain why such an obvious and widely beneficial security enhancement has been ignored for so long? 

New Community Member

Re: Google Authenticator

Agreed. And the present Symantec 2FA sucks. Paypal needs to join the 21st Century and add Google Authenticator to it's 2FA repertoire.

New Community Member

Re: Google Authenticator

I am up for this too. I dont want to use SMS auth and i really dont want to use VIP Access by symantec. I already have a authenticator app and i choose it myself, not you! What is the problem with adding the widley spread google authenticator that is also compatible with other authenticator apps? I am not going to use the **bleep** symantec app, its crap. Until there is no support for google authenticator i'll have to use a ridicolus long password (36 chars to be clear) to feel safe. I am thinking about closing my debit authorization for paypal and using direct transfer to load up my paypal balance to buy stuff...oh wait why i need paypal then....

 

We want Google Authenticator support! And we want it yesterday!