I want to add a bank to my Paypal.

I don't text, I don't have a smart phone, I don't have apps.

Paypal insists that they have to send me a text. The problem here is that if I set up some sort of temporary access, Paypal will remember it and send future messages to this temporary access..

All that the Paypal rep can do is jabber about multi-function security. Sounds to me like a text is single function.

Hey Southy, do you know anything about this?

I have a smart phone, and I get a text from paypal,from my Bank and from Social Security when logging in. It's a great secondary way to authenticate you and provides an additional layer of security to your accounts.

Step into the future Mark

2 factor identification is SO important these days to protect your information and accounts from being hacked.

You should have it set up on every account possible. It isn't that big of a deal to get texts on a cell phone. You don't even need a smartphone for that. And with Paypal, you can do everything from the website. You don't need the app.

It's a shame this site doesn't have the ability. Lots of private information being exhanged here, and models are a very big target for being hacked.

I use Paypal.  All communication is via email.  All transactions are done on their website with my laptop.  Their emails give me an option to use my phone to complete a transaction, but I never use it.

I use Paypal and have done so for a very long time.  They send a text verification code or an email to you to confirm your identity before giving access.  I greatly appreciate the double ID check for security process before access.   When attempts are made to hack my account, I want to know.  When someone somehow makes a suspicious charge on my credit card, I like to be notified. Don't be afraid to use it!

And thanks to everyone for all the instruction about "2 factor identification". That's all that the Paypal customer rep was able to talk about, over and over and over.

Just send a verification code to my email like everyone else does.

I should mention that I do not use a Hotmail or Gmail email address.

I hate to say it, but as time goes on, there might not be any choice.

In my particular case, a required verification code is sent to my smartphone every time I log into a Canadian or BC Gov't service with personal information (taxes, etc), my banking, cable or cell phone accounts, etc.

Some services don't require it if they detect that you are using the exact same computer, browser and IP location information that have been verified in the past.  But as soon as any of those factors change, they immediately switch back to the 2 step verification process.  And if you are making any significant change to any of the accounts, they definitely want additional verification.

Too many accounts out there (with personal information) are being "hijacked", or at least attempts are being made.  So they all seem to be jumping on that bandwagon...

This post that I made on Facebook might be useful here.

So I've been noticing a number of my friends getting their Facebook accounts hacked lately.  Obviously this is not a good thing, but did you know that in many cases, it's preventable?   Follow these few simple tips from your friendly neighborhood IT Security guy and you'll dramatically lower or even eliminate the risk of getting your account stolen:

1. Don't use the same password you use anywhere else.  I find the easiest method is to pick a nonsense word that appeals to you and that you'll remember (but isn't in the dictionary) and use that as a "base" word, then add a word that makes you think of the site in question that the password is for, but isn't that exact name.   So if my base word was "Booga", I might use some numbers (many sites require numbers and capitals), and so it becomes "B00ga", and then add something that reminds me of Facebook - "faces", say - then add some punctuation.   So my password for Facebook might become "B00gafaces$"..   My banking password might be "B00gamoney$", and my credit card might be "B00gacard$", etc. 

2. Use multi-factor authentication (MFA).  If your password does get compromised anyway, using two-factor authentication (something you know AND something you have) can prevent someone from actually logging in.   Many sites will send a text message with a code that you have to enter, but this is vulnerable.  Instead, download a "time-based one-tie password" (TOTP) app like Authy (https://authy.com/features/setup/) and set it up on your favorite devices and link it to your favorite sites - most support it.  Any time you log in from a new location or machine, you'll be asked for your username, password, AND the current one-time password, which will rotate every 30-60 seconds on average.   It's easy to use and free.    Google Authenticator is another good option.

3. However, if you want to be VERY secure - maybe for your most sensitive accounts - you might want to use a hardware key instead of TOTP for those sites that support it.   I like Yubikey by Yubico.  It comes in several different form factors and can be bought on Amazon.  It will cost you from $30-$0 depending on which you choose, but it's security money well spent.  PRO TIP:  Buy two, set them BOTH up for your accounts.  Use one daily and keep it with you, and leave one in a safe or other secure location - just in case you lose the primary one.  You can then log in with the backup, remove the primary from your accounts, and buy and register a replacement.

4.  Consider using a password manager.  I like 1Password (https://1password.com/).   It will store your passwords (and optionally generate VERY strong ones), and all you need to remember is - you guessed it - one password.   Everything is encrypted and can be securely shared cross-platform, so it works on your computers and mobile devices.   There is a subscription fee, but this is even more secure than my password tip in #1.  (Use that tip for this password instead!)
If you want to be as secure as is possible/practical right now, combine these tips:

Use 1Password
Secure your 1Password account and apps with 2 Yubikeys
Let 1Password create and store VERY strong passwords for the sites you use - and enable MFA for every site that supports it.
Where you cannot use a hardware key, use TOTP instead.
DO NOT USE TEXT MESSAGE AUTHENTICATION. 

Now for the bad news: Many/most/all? financial institutions do NOT support MFA!   If yours doesn't, push them to do so.  It's absurd, but both of my banks and all of my credit card accounts support text messaging MFA at BEST - and the one notable financial exception is PayPal, but they do not support using multiple hardware keys.   It's absurd to me that those who should be arguably the most secure are doing less than social media sites.  If you find yourself in the same boat, then do as I do and complain!

Feel free to share/repost this info.