ftrack Review offers 2FA (two-factor authentication) for its login process, should you wish to activate it for enhanced security.
When enabled, 2FA requires a second factor to authenticate the user beyond their account password.
Logging in with 2FA
When logging in with 2FA, users first encounter the standard ftrack login screen, where they must enter their username and password. ftrack verifies these credentials against the ftrack database. If the credentials are valid, a new screen displays, asking for an OTP (one-time password).
The user must enter the generated OTP into the ftrack Review 2FA login screen.
Once ftrack accepts the valid OTP, the ftrack Review login is complete, and ftrack grants user access.
How to enable 2FA
ftrack Review’s 2FA feature can be enabled by first going to your ‘Account Settings’, which can be accessed from the lower-left corner of the interface.
Once you've opened your ‘Account Settings’, go to ‘Security’.
Press ‘Enable 2FA’. This will open a dialogue box containing instructions for enabling 2FA. The user must download and install an authentication app such as Authy, Duo Mobile, or Google Authenticator.
They must then use the authentication app of choice to scan the QR code displayed using their device. The user will then receive a verification code to enter into the ftrack Review dialogue box.
Once the verification code is entered, the user will return to the ‘Security’ page. The Security page will show 2FA as enabled for the account:
During the user's subsequent login, after they have entered their initial username and password, they will see this screen, which requests a verification code from the authentication app of choice:
2FA Backup codes
If your device containing the authentication app is lost or unavailable, you can utilise backup codes instead. Please note that this is a preemptive measure – backup codes must be accessed, downloaded, and stored at a time when the device is still available. We recommend that you store your codes somewhere safe for later use. As with your authentication codes, the backup codes are only of use to others if they also steal your password.
To generate a backup code, go to ‘Account Settings > Security’ and press ‘Generate backup codes’.
Enter a code from the authentication app, to proceed.
The backup codes are then generated and can be copied or printed for safe storage and use if your device/authentication app is unavailable.
Backup codes come in sets of 10. You can generate a new set at any point, which will make the old set inactive.
How to disable 2FA
You can disable 2FA on your account via ‘Account settings > Security’. Press ‘Disable 2FA’ and enter a code from the authentication app, to proceed.
The only administrator at my facility has lost their 2FA device and their backup codes.
Please contact ftrack support. We can get you logged in safely and securely.
I have lost my phone and cannot login with 2FA.
Use your backup codes if you have them, or ask an administrator to disable 2FA on your account from Users.
I have lost the backup codes I have stored.
Head to your account page. You can generate 10 new backup codes for safe storage. These codes will automatically replace the previously generated backup codes.
I have a new phone, how can I move my 2FA to the new phone?
Login to ftrack Studio and head to ‘My Account’. From there, you can disable 2FA for your account using your old phone. You can then enable it again using your new phone.