Some basic introduction on 2FA. You have two types of 2FA:
- SMS - you get verification code via SMS message.
- Token Generator - you use application for generating token instead of receiving code via SMS.
DigitalOcean offers 2nd solution with SMS message as fallback option.
When you enable 2FA on DO account, every time you login, you will have to enter code that application you choose generated.
Applications for generating tokens doesn't require Internet connections, so offline usage is no problem.
If you misplace your token generator (e.x. lose phone or remove app data) you can always request code to be send via SMS. In that case 2FA will be disabled and you can enable once again.
To activate it:
Login to Cloud Control Panel
Go to Setting, then Security
You will see
Enable Two-Factor auth button, click on it.
First you have to choose country and enter phone number. You'll receive SMS message with code that you need to enter.
Once you finish this, you need to scan QR with token generator application. When you do it, app will start generating codes for DO.
Enter it in field and verify it.
That's it, you have working 2FA on your account.
For token generator application, it's recommended to use Google Authenticator.