Enable 2FA (two-factor authentication) for PayPal
Two-factor authentication (2FA) is an extra layer of security that can be added to your user account in the Control Panel, making it more difficult for unauthorized users to access your gateway.
When you enable 2FA on your Control Panel account, you will be required to enter both your normal password and a different code each time you sign in. You can choose to receive this code via an application on your smartphone or a text message (SMS) to your mobile device.
How to enable 2FA
2FA is not enabled on user accounts by default, and each user must enable it themselves. We encourage merchants to have all of their users enable 2FA for increased security.
- Log in to the Control Panel with your existing credentials.
- Navigate to Account.
- Select My User.
- Under the Two-Factor Authentication section, click Enable.
- Enter your current user password when prompted.
- Scan the QR code using one of the supported apps on your mobile device, or click Use SMS as Primary.
- Enter the code you receive on your mobile device to complete the process.
*If you opted to use an app, you will find the initial code there. If you opted for SMS as your preference, this code will be texted to you.
Signing in with 2FA
Once you enable 2FA on your user account, every time you sign into the Control Panel you will be prompted to enter an authentication code after your password. If you opt to use an authentication app, use the code generated by the app. If you set up SMS as your preferred method, use the code that was texted to you after entering your password.
If you opted to use an authentication app when you enabled 2FA but are unable to access the app at the time of login, you can have a code sent to your mobile device via SMS by clicking Text a code instead.
If you lock yourself out, or are unable to access your mobile device at the time of login, you will need to have your account admin disable 2FA for your user account, or contact our PayPal powered by Braintree Support team.
Supported 2FA Apps
2FA is compatible with most Time-based One-Time Password (TOTP) applications. TOTP apps automatically generate an authentication code that changes after a certain period of time. Because they do not rely on incoming text messages, they are more reliable than SMS—especially for locations outside the US.
Here are some TOTP apps that we suggest using:
- Google Authenticator
- Duo Mobile