NOTE: This notice is not related to any security incident Autodesk has experienced, but we are providing this information as a courtesy to you as an Autodesk customer.
Autodesk has noticed a recent increase in threat actors targeting media and entertainment organizations, where these suspected threat actors are taking advantage of compromised credentials from public data leaks to attempt access to unsecured user accounts.
We are committed to privacy and security and helping our customers protect their design & make data; therefore, as a precaution, we strongly recommend you take the following steps to better secure your Autodesk account:
-
Enable Two-Factor Authentication (2FA): If you haven’t already, for an additional layer of security, we recommend using an authenticator application, such as Microsoft Authenticator. Learn how to enable 2FA here.
- Enforce Two-Factor Authentication across for all site users: 2FA can be enforced for your Flow Production Tracking (FPTR) site. This can be done by FPTR site administrators by going to Site Preferences → Security and setting Enforce Two-Factor Authentication for Autodesk ID to “Yes”. Learn how to enforce 2FA here.
- Enforce Two-Factor Authentication across for all site users: 2FA can be enforced for your Flow Production Tracking (FPTR) site. This can be done by FPTR site administrators by going to Site Preferences → Security and setting Enforce Two-Factor Authentication for Autodesk ID to “Yes”. Learn how to enforce 2FA here.
-
Use Strong, Unique Passwords: Ensure your password is at least 12 characters long, incorporating a mix of letters, numbers, and special characters. Avoid using easily guessable information, such as names or birthdays.
-
Avoid Reuse: Do not use the same password across multiple sites or accounts to minimize risk in case of a breach.
-
Utilize a Password Manager: Use a reputable password manager to securely store and generate strong, unique passwords for all your accounts, reducing the need to remember each one individually.
-
Rotate FPTR API keys: Rotating your API keys on a regular basis reduces the window of opportunity in which a key can be abused should a threat actor get hold of it.
Please see this Knowledge Center Service article to learn more about account security controls and best practices.
If you have any questions or need further assistance, please contact Autodesk Support.