Security

Use Google SSO for Login

When you register a new account, you can provide an email address and password or choose Sign up with Google. Using Google Single Sign On (SSO) reduces the number of usernames and passwords people need to manage to access accounts on the web.

If you’ve signed up with a username and password, you can click Use Google SSO and follow the prompts to switch to using Google.

If you’re already using Google SSO, you can click Remove Google SSO to switch to a username and password.

Two-factor authentication

Using two-factor authentication adds an additional layer of security against unauthorized access to your account. Even if a bad actor gains access to your password, for example, they still can’t access anything without also having your phone.

In the two-factor authentication section you can:

  • Enable two-factor authentication
  • Choose between SMS or an Authenticator App as the authentication method.
  • Enable a backup method for when you don’t have access to your phone
  • Choose between using SMS to another phone number or backup codes as your backup method.
  • Disable two-factor auth.

See How to Manage Two-Factor Authentication for detailed instructions.

SSH keys

SSH keys provide a more secure way to log into you Droplet and are recommended for all users. Here, you can add an SSH Public Key and name it. Once you’ve added the key here, you can select it for use when you create Droplets. If you do not add a key when a Droplet is created, you’ll need to add it directly to the Droplet.

For detailed instructions, see:

For detailed guidance adding keys to your Droplets:

Certificates

SSL certificates, for use with SSL Termination forwarding rules on DigitalOcean Load Balancers, are managed here. Certificates created and managed through DigitalOcean’s Let’s Encrypt integration are added automatically when they are created. Custom certificates or those acquired from a commercial Certificate Authority are added manually.

Security history

The security history shows actions that have been taken in your account, IP address and how long ago it happened.This includes things like user logins, resource creation and deletion, and password changes.

Personal access tokens for the DigitalOcean API and access keys for Spaces are generated and managed on the Applications and API page of the Control Panel.