First of all, I'm not a security expert so I'm talking about the end-user experience.<p>While trying to enable 2FA for my Paypal account I couldn't find the option in my settings page. This couldn't be true so I googled it.
I found a Paypal page which mentions 2FA via text message and a 3rd party website mentions Symantec's VIP. For both options you'd have to dig into the Paypal site to enable them.<p>How can it be that a payment gateway of this size makes it this difficult to enable 2FA?<p>I read that they've had their issues with 2FA but still, this should have been solveed by now.
... and, as you'll have discovered, there's no way to use an authenticator app to generate the codes. You have to use either a dongle supplied by PayPal, or setup 2FA by SMS