I’m an active eBay buyer and seller and would like to ensure that I have my account locked down. Does eBay offer 2FA (two-factor authentication) and if so, how do I enable it?
The beginnings of eBay were during a simpler, less risky era when a password that was more complex than “1234567” was sufficient to keep your account secure. But in the ensuing decades, the Internet has become a more dangerous place and scammers have gotten quite a bit more savvy with their tricks and attacks. Nowadays an email from eBay to confirm your account security might actually be from a scammer hoping to steal your password and then take over your account.
Enter two-factor authentication. It’s built upon the simple premise that instead of verification just being based on what you know (a password) it also works on what you have (a possession like a smartphone). To be fair, it’s not entirely secure since someone who really wanted to could clone your SIM and hijack your smartphone messages too, but it’s still manyfold more secure than just a password. Not only that, but you can also use authentication apps on your smartphone so no text messaging is involved at all.
GETTING TO THE RIGHT PLACE IN SETTINGS
To start out, log in to your eBay account (a good strategy is to always type in the URL www.ebay.com) and click on “My eBay” on the top right…
Choose “Summary” from the resultant menu, then choose “Account” from the list along the top:
Click on “Sign-in and security” on the left side and you’re in the right place to enable 2-factor authentication.
ENABLE 2-STEP VERIFICATION ON EBAY
The screen you’ll see looks like this:
No surprise, click on “2-step verification” to proceed. You’ll now have three primary choices for how you want to verify yourself when you’re logging in to your eBay account:
Each of these three options has its pros and cons. Here’s what to consider:
App notification – If you’re logged in through the eBay app on your mobile device, it can easily serve as a way to confirm your identity when you’re accessing your account via a computer or web browser.
Authentication app – Probably the most secure of the options, and there are plenty of easy to use authentication apps on mobile devices now, including Google Authenticator, Microsoft Authenticator, and Authy, my personal favorite. Downside: Lose your phone and you might be in trouble.
Text me – the original 2-factor authentication method, it’s easy and straightforward and won’t glitch when you upgrade your phone (be careful to confirm your authentication apps still work after you upgrade!). Downside is that it’s theoretically possible for someone determined to clone your phone and receive these text messages, thereby nullifying any security benefits.
Since the risks of text message-based authentication are relatively minuscule, I’m going to proceed by enabling that with my own mobile device. A click on “Text me” moves the process forward…
I already have my phone number added to my user profile, but if you haven’t done that yet, eBay will prompt you to enter your number. It’ll send a code so you can verify it’s really yours (and that the phone’s in your possession). Once that’s set up, you’ll see this:
A click on “Send” and within a few seconds you’ll receive a 6-digit code on your smartphone. You’ll be prompted to enter the code, and once you do, it has a fallback security option to enable:
Again, once you click “Send code” it will email a 6-digit code to your email address on file. Enter that and…
That’s it. You’re now set up. If you had chosen the Authenticator App the process would be a bit different, with a QR code shown that you would scan with the app of your choice, but the basic steps would look identical and at the end you would also have a more secure eBay account. Well done!
TESTING OUT YOUR NEW 2FA SECURITY
Let’s test it out. Click on your name on the top left of the eBay home page:
Choose “Sign out” and sign back in. Now, after you’ve entered your login and password, you’re not logged in, you’re prompted to verify:
With the other options, you’d be told how to access the necessary code or verification screen at this point. Lost your phone? Click on “Need help signing in?” to use your fallback email address instead.
This last step is important; once you’ve verified yourself, you can now designate this particular Web browser on this computer as trusted:
I recommend that you do not trust anything other than a computer you have in a secure place. A home PC is fine, but I never “trust” the browsers on my mobile devices because what if I lost them or someone nicked ’em? It’s your decision, of course, but since you don’t sign in to your account too frequently anyway, is it really too much hassle to spend an extra 30 seconds in the process to ensure better security?
Pro Tip: I’ve been involved with eBay for well over a decade and have completed over 400 transactions. I even co-authored a book about online auctions. Find my online auction tutorials in my eBay and Online Shopping Help library.