FYI: 2FA of PayPal is actually just 1FA.
You can reset your password using your 2FA phone number.
In conclusion your money is vulnerable to SMS interception attacks. It has been like that for years.
So, why is 2FA or account recovery via SMS a really bad idea, you ask?
@vidister I noticed the password length problem too...
Thankfully PayPal allows TOTP too for real 2FA
chaos.social – a Fediverse instance for & by the Chaos community