Zipline now supports authentication methods like, Authy and Google Authenticator. This is done via TOTP (Time-based One-time Password Algorithm). This is a standard that is used by many services to provide 2FA.
Head over to your manage page, and if MFA_TOTP_ENABLED is
true you will see a button to enable 2FA. Clicking this button will generate a QR code that you can scan with your 2FA app (Authy, Google Authenticator, etc). Once you have scanned the QR code, you will be prompted to enter the code that is generated by your 2FA app. If the code is correct, 2FA will be enabled.
The code is only valid for 30 seconds. You may have typed in the code in the last moments of it's existence, causing this issue. Wait until the new code appears, and try again.