Tumblr has rolled out a new two-factor authentication option that, once enabled, decreases the likelihood of someone breaking into your Tumblr account. Rather than just a password, you will also need to type in a key generated by your Android device. We've already seen Google, Facebook, and Twitter implement this functionality, so while it's about time, it's also better late than never.
You can enable the feature through your Tumblr settings page. Once enabled, you won't be able to sign into the Android app using just your password. Instead, you will need to generate a temporary one-time key, which you can generate from the same settings page. After that, you should be good to go.