Skip to main content

Two-factor authentication (2FA) is now available in ftrack Studio 4.3 and ftrack Review. Below, our CTO Magnus Eklöv, takes a closer look at this new feature, how to use it, and why we’ve introduced it.

We’re on the cusp of a new decade, and the creative technology we use as we teeter on the edge of 2020 is a great deal different than that of 2010.

When this decade started, global workflows were possible, yet they were unproven and untested. Fast-forward to today and a distributed approach is not only the norm but a necessity. A global infrastructure props up much of the work we do: tools are advanced enough to send massive, complex files from one end of the globe to another with a click; creative companies can find the best third-party talent and work with them across oceans; studios can optimize output via a chase-the-sun, 24/7 production cycle.

However, these benefits came with a proportionate escalation in threat to security. And this is something we think of a great deal at ftrack.

Our tools are built to expedite today’s remote, distributed workflows, but they’re also built to keep all creative content secure and free from prying eyes. The security of all content is of fundamental importance to us. That’s why we continue to have our services evaluated, to pass assessments by content protection initiatives like the Trusted Partner Network, and to add new security features into ftrack Studio and Review – incuding features like two-factor authentication.

Two-factor authentication (2FA) in ftrack

Implementing 2FA login to both ftrack Studio and ftrack Review is another step forward in our ongoing security strategy. We want our users to feel even more confident that the great work they produce remains behind locked doors, and 2FA is a sure way of making that happen.

With 2FA – introduced in our ftrack Studio 4.3 release – users can add a second verification layer on top of user passwords as part of the identification/login process. Working this way, the user logging in must access another physical device (mobile, desktop, or other) to confirm that they are 100% the right person attempting to login to the ftrack account.

Prioritizing security at ftrack

Considering the way that we share and distribute work, using a password alone to prove identity is not enough. The creative process takes place over open networks and uses services in the cloud, and there are too many people with bad intentions looking to steal data for profit.

Passwords can be effective against this threat…if you use them effectively. If you’d like to know more about secure passwords, be sure to read this blog by Charlotte Empey. It offers plenty of great advice on creating passwords that can’t be brute-forced.

However, I find it’s easier to act more safely when using a workflow that uses secure authentication by default. Remember 1996’s Mission Impossible? There’s that fantastic CIA heist scene in which Ethan Hunt dangles upside down, making his way past a vault’s exceptionally advanced security systems and towards its central computer. I believe Hunt would have faced an even harder challenge had he then found himself face to face with the 2FA workflow we have implemented in ftrack.

Keeping your data secure from intruders (although probably not those hanging from a ceiling) is what 2FA is all about.

How to use 2FA

We have based ftrack Studio and ftrack Review’s 2FA workflow on best practice. To use the 2FA feature in ftrack, you must first activate the feature in ftrack’s account settings. Next, ensure you have a mobile phone or another device with an authentication app installed and prepared.

(There are many authentication apps to choose between; select one that your head of IT recommends or the one that best fits your needs. A few commonly used apps are Authy, Google Authenticator, Microsoft Authenticator, and Duo Mobile. They all work a little differently. I prefer to use Authy. It works well on almost any device, and since I use all kinds of tech, I can use it on all my devices: iOS, Android, Mac, and Windows computer.)

To login in using 2FA:

  1. Open your ftrack login screen
  2. Add your credentials, login name, and password
  3. We will verify these credentials against the ftrack database or LDAP source. If the credentials are valid, a new screen will display, asking for a code (a “one-time password” or “OTP”)
  4. Use your device and authentication app to generate the OTP
  5. Enter the OTP generated from your app…and you’re in!

2FA adds a small step to your login process, but the security reinforcement this process introduces is considerable.

We’re working in a more open, distributed industry than ever. Security should not be an afterthought; it should be your priority. You can never emphasize the importance of security enough to your team, so please consider adding it when you’re up and running with ftrack 4.3!

Read our documentation around 2FA in ftrack

ftrack recently acquired Cospective, creator of cineSync: the industry’s most secure synchronized media review and approval tool. Learn more about cineSync and its security features.

More from the blog

360 video review comes to cineSync

| Announcements, cineSync, News, Product, Release | No Comments
cineSync’s April 2021 update is now available, featuring 360 latlong video review, animation ghosting, and more.

FMX Live Q&A: Creating From Home

| Events, Remote | No Comments
Join our virtual FMX workshop on 6 May to discuss Creating From Home with Hasraf 'HaZ' Dulull, Dr. Diana Arellano, Kate Gabriel, and Hugo Guerra.

8 tips to make your team’s Houdini FX builds more efficient

| Integrations, Studio, Tips & tricks | No Comments
Houdini expert Kate Xagoraris covers eight tips to improve Houdini setups, maintain consistency, and make better work, faster.

The 10 commandments of working in animation with Boulder Media

| Productivity, Studio, Tips & tricks | No Comments
Leading Irish animation studio Boulder Media talks through 10 guiding animation tips to help your team get the most from their work.

5 tips to keep your compositing team productive

| Integrations, Productivity, Studio, Tips & tricks | No Comments
Josh Parks, senior compositor at TRIXTER, reveals how supervisors can help keep their compositing teams feeling happy, productive, and efficient.

International Women’s Day: Animated Women UK and their plans for change

| Q&A | No Comments
Animated Women UK Co-Chair Beth Parker and Achieve Programme alumni Noga Alon Stein discuss gender equality, motherhood, and work-life flexibility.

Christine Neumann – The six principles of low-stress VFX production

| News, Productivity, Q&A, Studio | No Comments
Christine Neumann, Head of Production at TRIXTER, reveals how to keep teams stress-free while negotiating the challenges of VFX production.

Watch the ftrack 2020/21 Customer Showreel

| cineSync, Company, News, Review, Studio | No Comments
Introducing our latest customer showreel, featuring the insanely talented users of ftrack Studio, ftrack Review, and cineSync.