2 min article

Tips for keeping your eBay account secure

The safety of your personal data is our top priority, so we take a number of measures to protect your account. There are also some simple steps you can take to make your account more secure.

Here are some things you can do to help protect your eBay account and keep your personal data safe.

Keeping your data secure

We protect your personal information and on-file banking credentials at all times using strong security measures such as:

  • Data encryption
  • Security firewall layers
  • Physical safeguards within data centres

There are some simple steps you can take to make your account more secure, such as changing your password regularly, enabling 2 Step Verification, and keeping your contact information updated.

To add an extra layer of security to your eBay account, we recommend you enable 2 Step Verification. Once you've switched on 2 Step Verification, each time you sign into your account you'll be able to confirm your identity via an eBay app push notification, or by entering a code we send you by SMS. Here’s how to add 2 Step Verification.

Our security standards are in line with global regulatory requirements. Learn more in our Security Centre.

Change your password regularly

To keep your account secure, we recommend updating your password regularly. Choose a strong password that's difficult for others to guess.

Follow these tips for creating a strong new password:

  • Avoid using personal details such as your name, birth date, or user ID
  • Consider using a phrase (for example, a song lyric or book title)
  • Use numbers and special characters
  • Don’t use the same password that you use on other accounts

If you think your eBay account has been compromised or hacked, you should change the passwords for both your eBay account and personal email account. Your email password should be different from your eBay password.

To find out more, read our article on changing your password.

Passkeys

Passkeys are an alternative to passwords that allow you to sign into your eBay account using biometric authentication such as a fingerprint, pattern, or PIN.This means you don’t need to enter your password, and it will help protect your eBay account against unauthorised access.

You can set up passkeys from the prompt after you sign in or from the Sign in and Security settings in your eBay account. You can also disable the passkey option in your Sign in and Security settings.

If your passkey fails, you'll receive an error message and be prompted to log in using your username and password.

Verifying your identity with multi-factor authentication

To ensure we keep your eBay account secure and to comply with EU and UK legislation, you'll be asked to verify your identity more often using multi-factor authentication.

Multi-factor authentication is different from 2 step verification, which is optional and only happens at sign in. However, multi-factor authentication is mandatory and may be required at certain times such as when you initiate a refund, update your on-file payment method, or update your email address, phone number and more. It's an extra layer of security to ensure your account is protected.

For example, you may be required to enter your password, provide a one-time passcode or approve a push notification to your trusted device. If you're having trouble receiving the code by text/call/email, restart your mobile device and try again to help resolve the issue. 

If you have employees who manage aspects of your eBay account, you'll need to ensure they can all log in and complete authentication with their own details. For more information, see our article on Multi-user account access.

Tip
If you can’t log into your eBay account because you haven't updated your phone number, contact us to let us know. We’ll verify you’re the account owner and update your phone number so you can access your eBay account.

Add 2 Step Verification

Once you've switched on 2 Step Verification, each time you sign into your account you'll be able to confirm your identity via an eBay app push notification, by entering a code we send you by SMS, or a one-time password generated by an authenticator app.

Here's how to add 2 Step Verification on the eBay app:

  1. Download the latest version of the eBay app.
  2. Sign in to your account.
  3. Go to My eBay and tap Settings.
  4. Go to Sign in and security and then choose 2 Step Verification.
  5. Tap Turn on beside Use the eBay app.

Here's how to set up 2 Step Verification by SMS:

  1. Sign in to your eBay account.
  2. Go to your name in the top left-hand corner and choose Account settings from the dropdown menu.
  3. Select Sign in and security.
  4. Select Edit next to 2 Step Verification.
  5. Select Use text next to Text messages on mobile.
  6. Follow the on-screen prompts to add your mobile number.

Here's how to set up 2 Step Verification using an authenticator app:

  1. Sign in to your eBay account.
  2. Go to your name in the top left-hand corner and choose Account settings from the dropdown menu.
  3. Select Sign in and security.
  4. Select Edit next to 2 Step Verification.
  5. Select Authenticator App.
  6. Install the authenticator app from your phone’s app store. We recommend Google Authenticator, Microsoft Authenticator, or Authy.
  7. Scan the QR code to add eBay to your authenticator app.
  8. Confirm the 6-digit code generated by your authenticator app on eBay.

If you change your mind and would like to switch 2 Step Verification off – or you'd like to change from SMS to app notifications, or authenticator app – simply follow the steps above to turn off the function. We'll also send you an email to let you know when you've switched 2 Step Verification on or off.

Receiving invalid code error

Ensure you leave your browser window open until the email code is received. Don’t leave the sign in page, close, or click back on the browser, otherwise the old code will be revoked and you will receive the error message.

General troubleshooting for SMS and email issues

  • 15-minute code delivery window – Make sure to enter the code with the 15-minute window. The code is invalid after 15 minutes. Be sure to check your spam folder if you’re not seeing it in your inbox
  • SMS/Text message – Make sure you can receive SMS/Text messages and that you have proper reception before sending the code. Landlines are not supported
  • Are you using multiple SIM cards – Make sure that the SIM settings are set to either SIM1 or SIM2, depending on which one the proper number is
  • Network type of the mobile phone – Make sure you have the proper network type selected in the settings. Usually this should be "Automatic" and selecting from G3, G4, or G5
  • Do you have a PIN verification system – Make sure to use your system verification PIN to login. (Face ID, Fingerprint, Windows 10/11 PIN, etc.)
  • Is SMS encryption setup – When using apps like Signal or Treema, some users do not receive our SMS

Add a trusted device

If you see 'Remember this device' when you sign in using 2 step verification, you can select the link to add your device as a trusted device. Next time you sign in using the trusted device, you may not be prompted for a 2 step verification,  but your account will still be secure.

Keep in mind that if you change your 2 step verification method or remove a trusted device, you’ll need to follow the steps to add the trusted device again. You can add up to 100 trusted devices to your eBay account. You can check your trusted devices at any time by visiting the Safety Centre.

Update your contact details

It's important to keep your contact information up-to-date to help us reach you quickly with any updates about your account.

If you change your address or phone number, or set up a new email address, please update your contact details as soon as possible so your account information remains correct.

Read our article on Changing your contact details for more information.

Watch out for spoof or phishing emails

Spoof or phishing emails are emails that claim to be from eBay and are sent with the intent of accessing your passwords and other sensitive information. If you receive a suspicious email claiming to be from eBay, you should immediately forward the message to us at spoof@ebay.co.uk. Don't click any links in the email or open any attachments. We'll let you know that we received your email and will investigate.

Find out how to spot suspicious emails in our article on Recognising spoof emails.

Report any strange activity on your account

It's a good idea to check My eBay - opens in new window or tab and your preferences - opens in new window or tab regularly to make sure no one has accessed your account or made changes without your permission. Check your active bids and listings in My eBay - opens in new window or tab to make sure they're yours. If anything has changed without your authorisation, contact us straight away.

We'll notify you by email if a new device is used to sign in to your account that hasn't been used to access your account before. If you don't recognise the login details, contact us to let us know. You should also change your password.

If you think someone is trying to take over your account, for your protection, we may place a temporary hold on your account until we can safely return control of it to you. We can also help you remove any unauthorised fraudulent bids or listings.

Tip
Signs that your account has been taken over include seeing listings or bids that you didn't make, or noticing that your password has been changed without your knowledge. For more information, read our article on Getting help with a hacked account.

Keep your account secure by changing your password regularly, updating your contact information, and watching out for spoof emails.

Was this article helpful?

Related help topics

See other articles in: