When users access your unmanaged VPS, cloud VPS or Flex dedicated server via SSH, they enter a username and password to log in by default.
Two-factor authentication provides an additional level of security by requiring users to provide additional information in addition to knowing the correct username and password. This information is a temporary digital password that is generated independently on the server and on a mobile device, such as a smartphone or tablet.
Therefore, in order for a potential attacker to access your server, he would have to obtain not only something you know (your username and password), but also something you have (your mobile device). This two-factor approach to logging in greatly increases the security of your server and makes brute force attacks much more difficult.