What Is Two-Factor Authentication (2FA) & Why Do You Need It?

The best way to protect your digital content is to rely on a quality DRM software that will grant you the ability to choose a set of permissions and restrictions that align with your needs. An important element of any DRM software is, of course, password management and how users access protected content. It’s crucial to have a strong password strategy in place to prevent hacking, and it’s important to prevent your users sharing their credentials with unauthorized individuals. Two-factor authentication (2FA) is the best way to do this.   

What is 2FA and how does it work?

Two-factor authentication (2FA) refers to a login process in which the user has to provide more than just their password in order to be authenticated. When 2FA is enabled, logging in becomes a two-step process in which a second, unique form of verification (aside from credentials) is required. It works very well in preventing unauthorized individuals from accessing accounts and content by requiring two different types of authentication from the user. 

When a user tries to log into their account, they’ll need to provide a second form of corroboration that it actually is them trying to log in and not someone else. Access, then, will not only depend on successful authentication of credentials (i.e username and password, or email and password), but also on a one-time unique code or PIN number that is sent only to the user that wants to access content. 

Not only does 2FA prevent users from sharing their credentials around, granting access to unauthorized users, it also offers protection in the event of passwords being compromised. It adds a second layer of security to your processes.

Why do you need 2FA?

As someone who develops and distributes digital content, you need to make sure that the content you provide is only accessed by authorized users. You need to keep your intellectual property secured by staying in control and keeping your content exclusive. By making 2FA a part of your content protection strategy, you can successfully prevent hackers from breaking into your users’ accounts and tampering with your content, and you can prevent users from sharing their credentials and granting access to individuals who have not paid for your content, or who could be interested in copying and sharing it illegally. 

By adding an extra layer of security, an advanced DRM setting like two-factor authentication can take your content protection strategy to the next level. Realistically, your security efforts and all the policies and restrictions you apply to your content will be pretty much obsolete if the gateway to it is not thoroughly monitored and controlled. If anybody can easily share their password or if accounts can be easily hacked, then adding DRM controls won’t do much good to keep your IP secured. This is why you should opt for a solution that includes 2FA as well as strong password considerations.

How can Vitrium help?

Vitrium offers exactly this. A solution that not only allows you to add advanced DRM controls to your content, but also provides a method that guards the entryway to it, so to speak. With our software you can now enable two-factor authentication on your account, for admin users, for end users, or, ideally, for both. 

Enabling 2FA for your admin users is important as it will determine how secure your portal is, it will keep your organization safe from potential hacking attempts, and will guarantee that only administrators have access to your Vitrium account. Additionally, enabling 2FA for your end users can be the deciding factor in determining whether or not your content is kept exclusive. If end users cannot share their credentials with other individuals, it will be significantly harder for them to unlawfully copy or share the content they consume (provided that you have a set of strict DRM policies in place). To strengthen your content protection strategy, we highly recommend enabling 2FA in your account for both administrators and end users.

You can choose to enforce 2FA upon the first login only, or you can select to ask for a secondary verification method each time a user logs in. If you decide to enforce it on first login, the information will be stored in the cookies of whichever browser the person is using, so if they switch devices, or use a different browser, they will have to go through the process again. If you enable 2FA for each login, the user will have to enter the verification code each time their session expires (i.e. each time they log out). 

In both instances, after entering their credentials users will receive a unique code in their email (whichever email they've been added into the Vitrium system with), and will be asked to provide this code before being granted access.

To set up 2FA in your Vitrium account, simply follow these steps:

1. Log into your Vitrium admin portal
2. Go to your "settings" tab
3. Click on SMTP settings
4. Click on "Add SMTP setting" & fill out the required information*
5. Go back to your settings tab
6. Click the "security settings" option 
7. In the "end user settings" list, tick the 2FA box
8. In the "staff user settings" list, tick the 2FA box 
9. The Vitrium software will check if all users in your account have valid email addresses
10. Done!

*you'll have to select an email address from which the codes will be sent and configure this address within your admin portal. 

 If you'd wish to learn more about our new two-factor authentication feature, or need help setting it up, don't hesitate to get in touch with us, we'll be happy to answer any questions you have.