After being locked out of my PayPal account and not being able to pay for things, I realized the risks of relying on SMS two-factor authentication (2FA). Trapped without the ability to buy items or send money, I will never rely on SMS two factor authentication again.

What Happened When I Couldn’t Access My 2FA SMS?

On an ordinary winter afternoon, I tried accessing my PayPal account to see if a payment had been made. Since I didn’t have the app on my phone, I went to my computer, which was the only option. I entered my username and password, expecting the next page to be for 2FA.

I saw the standard SMS 2FA verification page, where I’d normally enter my Paypal SMS 2FA code. All was normal until I realized the code hadn’t arrived. After waiting for over ten minutes, I disconnected from the Wi-Fi to see if this was the problem before turning Airplane Mode (and my phone) on and off. But still, I saw nothing.

paypal multi factor authenticator options

After failing to get anywhere the first time, I tried sending another SMS code to my phone. Still, I received nothing. So, I tried multiple times before receiving a message that I had made too many login attempts.

To avoid locking my account, I checked PayPal’s listing onDowndetector, a website that collects user reports on issues affecting online services. Many people had reported login issues, so I called it a day and decided to try again later. However, I still had no success.

Eventually, I called PayPal’s support team. For security reasons, I was told to wait 72 hours. However, after waiting a week, I still wasn’t getting shortcode texts. I tried all thefixes for an iPhone not receiving texts, but this wasn’t the issue here.

How I Solved This Problem

At this point, I could not get back into my account. So, I called the support team again. I was informed that this was an issue on my provider’s end, so I contacted them. Since I picked the cheapest network provider, I subsequently canceled my subscription with them.

I accessed my account after contacting the support team again and set up a new 2FA method. This time, I used an authenticator app. I believe that this isthe best multifactor authentication (MFA) methodfor any service that supports it.

However, it was only after this painful process and being locked out of my PayPal due to the failed SMS 2FA process that I spotted a host of posts onRedditand thePayPal forumsregarding general issues with this method. In short, PayPal’s SMS 2FA method appears to be discontinued, with widespread reports of errors. Furthermore, once removed from your account, there is no way to reactivate SMS 2FA; once it’s gone, it’s gone. Now, I’m not one hundred percent sure if this contributed to my issues, but at no point during the process did PayPal’s support team mention this.

After changing my MFA method, I vowed never to use SMS as my primary form of verification again. Although I rarely have these problems with other forms of 2FA, this experience highlighted just how risky relying on text messaging was.