You can set-up 2 Factor Authentication inside here. It is suggested that you use Authy, Google Authenticator or Salesforce Authenticator to enable 2 Factor Authentication.
Once you have enabled them, you may add backup method if you are not able to authenticate via authenticator app. There are two backup authentication method, Scratch Code and SMS. You can enable both of them as the backup method.
For the Scratch Code, you will be given a few code. You need to store this code in somewhere safe. Each Scratch Code can only be used once.
For the SMS, you will receive the SMS code if you are not able to authenticate via authenticator app.
If you are logging in using backup method, the 2 Factor Authentication will be disable after that. So you need to set it up again.
You need to provide your old password in order to update your password. If you are registered through GitHub, DigitalOcean, or Google authentication, you need to request a forgotten password from here.