2FA (Two-Factor Authorization) is a great way to prevent your NAS from being hacked without authorizations. Synology provides different ways for 2FA. I personally prefer using authenticator apps for the code. You can also set up E-mail, SMS services. But E-mail has to be set up first for other services to be activated.
In Control Panel -> Users -> Advanced settings, check “Enforce 2-step verification for following users”. And you’ll be brought to the setup wizard. If you haven’t set up E-mail notification service yet, you’ll get a notification saying that you have to set it up first.
The first step you have to do is to set up an e-mail method to send the verification code. This is the fall back option if you set up more options and when they fail. The system will set up everything automatically for Gmail or Outlook. For other email service providers, you’ll have to put in SMTP details manually.
After that, in the 2-Step verification Setup Wizard, you can follow the steps to set up an authenticator app. I personally use Dashlane, as it is my password manager and everything will be put together. Or you can use Google Authenticator (on both iOS and Android).
Use the authenticator app to scan the QR code:
And you app will generate a 6 digits code which has an expiration time on it. Within that time frame, put it in the prompt in the wizard:
And you’ll be all set.
Every time you log in, after you type in your username and password, you’ll be required to put in the 6 digits code generated in the authenticator app. If that stops working somehow, you can always fall back to the email service, which will send you an email containing the 6 digits code required.