Maybe it cross refences with the IP of past logins. So it would not work from a ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		paulpauper on Nov 6, 2022 \| parent \| context \| favorite \| on: PayPal Allows Bypassing Two-Factor Authentication ... Maybe it cross refences with the IP of past logins. So it would not work from a different area.

insanitybit on Nov 6, 2022 | [–]

Nah, I haven't logged in in quite a few months and I got the OTP prompt.

SanjayMehta on Nov 6, 2022 | [–]

The article makes it clear that there's a login button which lets you login with an OTP over SMS. So if your phone is stolen or your SIM has been cloned, a crook could get into your PayPal account.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact