[docs] Add 2FA requirements for publishing scoped public packages

Author: shmam

content/packages-and-modules/contributing-packages-to-the-registry/creating-and-publishing-scoped-public-packages.mdx

@@ -77,6 +77,16 @@ npm install /path/to/my-test-package
 
 By default, scoped packages are published with private visibility. To publish a scoped package with public visibility, use `npm publish --access public`.
 
+<Note>
+
+**Important:** Before you can publish, you must have either:
+- [Two-factor authentication (2FA)][config-2fa] enabled on your account, OR
+- A [granular access token with bypass 2FA enabled][creating-token] (required for CI/CD workflows)
+
+For more information, see "[Requiring 2FA for package publishing][requiring-2fa]."
+
+</Note>
+
 1. On the command line, navigate to the root directory of your package.
 
    ```
@@ -111,3 +121,6 @@ For more information on the `publish` command, see the [CLI documentation][cli-p
 [cli-publish]: /cli/publish
 [pii]: https://en.wikipedia.org/wiki/Personally_identifiable_information
 [provenance-how-to]: /generating-provenance-statements
+[config-2fa]: /configuring-two-factor-authentication
+[creating-token]: /creating-and-viewing-access-tokens
+[requiring-2fa]: /requiring-2fa-for-package-publishing-and-settings-modification