From your dashboard, click Account β Security Settings β Two-Factor Authentication. Choose Time-based One-Time Password. Scan the QR with any authenticator app (1Password, Aegis, Authy, Google Authenticator).
Print or save the backup code. Without it, losing your phone means losing access. Recovery is manual and takes 24β48 hours.