ContextQMD
Back to Docker

Enable two-factor authentication for your Docker account

content/manuals/security/2fa/_index.md

18.09-release2.5 KB
Original Source

Two-factor authentication (2FA) adds an essential security layer to your Docker account by requiring a unique security code in addition to your password when signing in. This prevents unauthorized access even if your password is compromised.

When you turn on two-factor authentication, Docker provides a unique recovery code specific to your account. Store this code securely as it lets you recover your account if you lose access to your authenticator app.

Key benefits

Two-factor authentication significantly improves your account security:

  • Protection against password breaches: Even if your password is stolen or leaked, attackers can't access your account without your second factor.
  • Secure CLI access: Required for Docker CLI authentication when 2FA is turned on, ensuring automated tools use personal access tokens instead of passwords.
  • Compliance requirements: Many organizations require 2FA for accessing development and production resources.
  • Peace of mind: Know that your Docker repositories, images, and account settings are protected by industry-standard security practices.

Prerequisites

Before turning on two-factor authentication, you need:

  • A smartphone or device with a Time-based One-time password (TOTP) authenticator app installed
  • Access to your Docker account password

Enable two-factor authentication

To turn on 2FA for your Docker account:

  1. Sign in to your Docker account.
  2. Select your avatar and then from the drop-down menu, select Account settings.
  3. Select 2FA.
  4. Enter your account password, then select Confirm.
  5. Save your recovery code and store it somewhere safe. You can use your recovery code to recover your account in the event you lose access to your authenticator app.
  6. Use a TOTP mobile app to scan the QR code or enter the text code.
  7. Once you've linked your authenticator app, enter the six-digit code in the text-field.
  8. Select Enable 2FA.

Two-factor authentication is now active on your account. You'll need to enter a security code from your authenticator app each time you sign in.

Disable two-factor authentication

[!WARNING]

Disabling two-factor authentication results in decreased security for your Docker account.

  1. Sign in to your Docker account.
  2. Select your avatar and then from the drop-down menu, select Account settings.
  3. Select 2FA.
  4. Enter your password, then select Confirm.
  5. Select Disable 2FA.