I wanted to write this tip for the community to make sure everyone knows about using 2-factor authentication. I always check to see if websites I use support it. So here we go:
What is Two Factor Authentication?
Having a secure password for a website is great but having additional layers of security can't hurt. Two-factor authentication (2FA) is a way for a website to make their login process more secure. Most websites use one factor authentication (a password). The 2nd factor for authentication can be a physical device that generates a code, SMS (text message), a mobile application, or even biometric scanning equipment like fingerprint and retina scanners.
As security is a top priority for PayPal, we do support two factor authentication in some countries. Eligible customers can choose to use a variety of 2FA methods with PayPal as long as that method is compatible with Symantec (Verisign) Validation & ID Protection (VIP).
How does it work with PayPal?
PayPal refers to our two-factor authentication as the PayPal Security Key.
If you want to obtain a Security Key directly from PayPal, we offer an SMS (text message) version. If you already have a VIP Security Credential made by Symantec (Verisign), there is an option to activate that with PayPal as well.
Please note: If you wish to use the PayPal mobile app; the app is only compatible with the SMS (text message) version of the security key. For this reason, I recommend using that option to ensure compatibility with the mobile app.
After logging into the PayPal mobile application, you will be prompted to enter the code you receive via text message.
How do I order or activate a security key?
You can start the process of activating a security key by clicking the link below:
You will be asked to log in and taken to the page displayed below. Here you can register your mobile phone for the free SMS security key, or, if you have an existing physical Security Key, you can activate it here. (The physical card is no longer available, but can still be activated if you have received one in the past.) The SMS option can be activated right away. Follow the instructions on the website to complete the SMS security key activation.
Using the VIP Access mobile application:
The third option shown above can be used to activate another type of security key with PayPal. I'm going to walk through the steps of using a mobile application for your PayPal security key to demonstrate how the third option can be used.
First you will want to download the mobile application to your phone. You can learn more about the mobile apps here: http://vipmobile.verisign.com. You can also search for "VIP Access" on your mobile phone app store.
Once you have the application installed on your mobile device or tablet, you can activate this security key by clicking the "Activate" button under the 3rd option (see blue rectangles in the above image). If you need to get back to this page, click on the "Get extra protection with a PayPal Security Key now" link again and login
The next page will ask for the Security Key Serial Number as well as two unique security codes.
Open up the VIP Access Mobile app. Enter the "Credential ID" into the Security Key Serial Number box and enter two unique security codes. Example of iOS version of the app shown below:
Next click the "Activate" button on PayPal and we're done!
PayPal checkout Tip: If you are making a purchase and the website does not prompt you for the PayPal security key code, enter the security key code immediately after your password in the password box.
I hope this helps anyone looking for more information about our 2-factor authentication options.