This is not an adequate response. As a security professional, I think it is a big miss that PayPal does not offer the use of an authenticator app or something like Yubikey. SMS authentication is not safe authentication. Anyone with moderate knowledge of tech can intercept the codes. If someone performs a SIM card swap, a popular attack today, your second factor is useless. For all practical purposes, you have what looks like strong authentication to those who don't know better, but it falls far short.
... View more