Looks like a Discourse code change change back in Feb 2018 brought with it a new feature: 2 factor authentication!
I had no idea it was there, but I’m excited. You can enable it for your account by clicking your profile image at upper-right, clicking the preferences (gear) icon, and then toggling 2FA on in the “Password” section. Looks like this:
It looks like Discourse supports standard TOTP, so you can use Google Authenticator, Duo Mobile, or any other standard 2FA application that supports TOTP. (This means no yubikey support, but give 'em time, I suppose.)
I highly recommend turning it on. Hell, I’d recommend using 2FA on everything you possibly can, especially stuff like your Amazon login, Dropbox and other file sharing apps, and anything else that offers it.
Turning on two-factor authentication means you’ll need your phone (or at least the authenticator app on your phone to log on. This means if you lose your phone, or if you have to have your phone replaced with a new one, your 2FA stuff will all break and you’ll need to fix it. How you fix it depends on what the sites you use 2FA with offer in the way of recovery options.
If you turn on 2fa for your account on this forum and it breaks or you otherwise can’t log on, email me or one of the mod squad directly. I can log into the admin panel and disable 2FA for your account.