How to enable 2FA for Docker Hub

If you're concerned about the security of your code within Docker Hub, you might want to enable two-factor authentication.

How to enable 2FA for Docker Hub

Although two-factor authentication (2FA) isn't a perfect security solution, it is certainly better than only using a password to protect your accounts. This is especially important when you work with those accounts on the go. You never know who's "listening in" on your data packets. 

Another service has joined the list of those who offer 2FA. Said service is Docker Hub. The images you've spent hours, days, weeks, months, and years working on are housed in that account and the last thing you want is for some third-party to have unfettered access to your work. 2FA can help to protect that work, and I want to show you how to enable this for your account.

SEE: VPN usage policy (TechRepublic Premium)

What you'll need

The only things you'll need to make this work are:

  • A Docker Hub account

  • An authenticator app (such as Authy)

How to enable 2FA

Log in to your Docker Hub account and then click the profile icon in the upper right corner. From the drop-down menu, click Settings. In the resulting window, click the Security listing in the left sidebar (Figure A).

Figure A


The Settings sidebar.

In the resulting window, click Enable Two-Factor Authentication (Figure B).

Figure B


Enabling 2FA in Docker Hub.

Next you must choose if you want to setup 2FA using either SMS or an authentication app (Figure C). Click Set Up Using An App.

Figure C


Choose wisely.

In the next window, it is recommended that you either download, print, or copy your recovery codes. Do this and click Next. You will then be presented with a QR code. Open your authentication app and tap to add the new account. Scan the QR code and enter the six-digit code.

And that's it. You've enabled 2FA for your Docker Hub account. Any time you want to log in to your account, you'll be required to enter a new six-digit passcode from your authentication app. 

Remember, it is important to keep those recovery codes saved and secured. Do not lose them and do not let them fall into the wrong hands, otherwise you could wind up locked out of your account or someone could gain access to the code within. You might also want to add a fallback SMS number from within the 2FA settings window, so you can gain access even if you've lost your recovery codes or you don't have access to your primary number.

Congratulations on adding another security layer to your Docker Hub account. 

Also see


Image: GitHub