...
You can log in to the Synapse command line, Python or R clients using a personal access token instead of your username and password. Using a token is highly recommended over a username and password since a token can be easily revoked if it is compromised. Additionally, each token can be scoped so that it only grants permission to certain parts of your Synapse account, whereas your username and password have access to your whole account.
...
See /wiki/spaces/DOCS/pages/1985446156 for more information on configuring Synapse clients using an access token.
Adding Two-Factor Authentication (2FA) to your account
To increase the security of your Synapse account, you can enable two-factor authentication (2FA). Synapse uses a time-based one-time password approach, which is supported by many applications, such as Google Authenticator, Duo Mobile, Microsoft Authenticator, and Authy. Enabling 2FA on your account may be required to access certain sensitive datasets.
To enable 2FA on your account, navigate to your Account Settings and locate the Two-Factor Authentication section. If your account does not have 2FA enabled, you can click “Activate 2FA” and follow the on-screen steps to enable 2FA. After verifying the passcode generated by your authenticator app, Synapse will automatically generate one-time use backup codes for you, in case you lose access to your authenticator app. Keep these codes in a secure place that is separate from your authenticator app.
If you wish to disable 2FA, you can navigate to your account settings page and click “Deactivate 2FA”. If you disable 2FA on your account, you will be unable to download those sensitive datasets that require 2FA, even if you previously had access to them.
For cases where entering a 2FA code is not possible, such as in automated jobs that interact with Synapse using the programmatic clients, you can use Personal Access Tokens, which will not prompt for a 2FA code.
Deactivating Your Account
...