i dont have a date or time when paypal stopped allowing yubikey as an option for 2fa and i dont know the reason,sms isnt secure does anybody and most passwords are only safe to use for a short time given the vaious methods of finding the password
The version used always via SMS right? https://www.paypal.com/us/smarthelp...ne-time-passcode-to-login-at-checkout-faq4568 I was looking for an option to use a OTP app , the better ones make it easier if you need to replace your smartphone
I don't understand remark about using passwords only for short time. Passwords are fine as long as you don't have keylogger/trojan malware on device and nobody is shoulder snooping or having a camera around. Second factor is an addition, not a replacement for password thus SMS 2FA, when done correctly, isn't as bad as some people think. Certainly it is not downgrading security compared to 1 factor (password/passphrase) authentication and we all used 1FA for a lot of important services for years. It is usually better to use hardware token or even trusted 2FA app on up-to-date smartphone. @XIII linked some options.
