How to protect Digital Ocean account

December 23, 2016 175 views
DigitalOcean Ubuntu

I want to know what measures are available for securing a Digital Ocean account. I am not talking about a droplet, but rather the whole account.

In my opinion, like Google, Digital Ocean should start SMS-based two-factor authentication.

User Name
Passwords
OTP (received on the registered mobile number)

4 Answers
xMudrii December 23, 2016
Accepted Answer

A basic introduction to 2FA. There are two types of 2FA:

  1. SMS - you get a verification code via SMS message.
  2. Token Generator - you use an application to generate a token instead of receiving a code via SMS.

DigitalOcean offers the second solution, with SMS messages as a fallback option.
When you enable 2FA on your DO account, every time you log in you will have to enter the code that the application you chose generated.
Applications for generating tokens don't require an Internet connection, so offline usage is no problem.

If you misplace your token generator (e.g. lose your phone or remove the app data), you can always request a code to be sent via SMS. In that case 2FA will be disabled and you can enable it once again.

To activate it:

  1. Log in to the Cloud Control Panel.
  2. Go to Settings, then Security.
  3. You will see the Enable Two-Factor auth button; click on it.
  4. First you have to choose your country and enter your phone number. You'll receive an SMS message with a code that you need to enter.
  5. Once you finish this, you need to scan the QR code with the token generator application. When you do, the app will start generating codes for DO.
  6. Enter the code in the field and verify it.

That's it, you have working 2FA on your account.

For the token generator application, it's recommended to use Google Authenticator.

I know that Digital Ocean offers two-factor authentication. But I am not getting any clear idea. Could you help me with details on exactly how that has to be set up?

Thank you. This is what I was looking for. Thank you so much.
