Browser Verification is an important security feature, helping protect access to the valuable assets in a DF Studio account. It represents a safeguard against unauthorized access if a user’s login credentials should accidentally fall into the wrong hands. The basics are pretty straightforward: if you sit down at a new computer to log in to DF Studio, you’ll need to enter a code sent to your email before you’re connected. But, as with most security features, there are trade-offs between the strictest security and the smoothest convenience. Even when Browser Verification is working as it should, it’s not uncommon for DF Studio users to ask:
Why do I have to verify my browser again?
The most common reason is that the current browser has never been verified before. If you’ve switched to a new computer, installed a new web browser application, or recently updated your operating system, the specific browser you’re using hasn’t accessed DF Studio before. Enter the verification code, and you can forget about Browser Verification for a while. If everything is the same as before (same computer, same browser, etc.), another reason might be that the verification has expired. A browser’s “verified” status lasts for one year, and then a new Browser Verification code is required. This is a standard security practice to prevent authentication from persisting indefinitely. A third reason, and one that can be trickiest to detect, relates to cookies. A “cookie” is a tiny file stored within the web browser application and readable by the website that placed it there. The Browser Verification feature is built around three elements: the DF Studio account, the browser itself, and the Browser Verification cookie.
Lastly, a Browser Verification code may be required in cases where someone (possibly the accountholder) has tried too many times to log in to the account with invalid credentials. Under these circumstances, login is suspended until a Browser Verification code has been entered, as a protection against automated brute-force login attempts.
Browser Verification and Cookies
When a browser is verified, a cookie is stored in the browser application, to allow DF Studio to recognize that web browser for one year, until the cookie expires (and the verification along with it). Without this cookie, DF Studio has no way to recognize the browser as one that’s been verified before. If the cookie is gone, or DF Studio can’t access it, a new Browser Verification code will be requested. Most of the time, the cookie remains where it should be—but there are a few ways it can become inaccessible.
- If you wipe out the cookies in your browser, for example by using the “Clear History” function.
- Opening a “Private” or “Incognito” window in the browser, or using a browser profile to access DF Studio.
- Some browsers offer an option to clear all cookies automatically, each time the browser application is closed.
- Certain security or anti-virus software offers the periodic removal of cookies as a security feature.
In general, cookie management is a manual process, and if a website uses cookies it’s not something you have to think about. However, if Browser Verification codes are being requested more often than they should be, it may be necessary to investigate the scenarios above to make sure the Browser Verification cookie remains detectable when you try to log in.
Single Sign-On (SSO)
User accounts that authenticate to DF Studio through a single sign-on (SSO) process are not affected by DF Studio’s Browser Verification feature. SSO users receiving messages about two-factor authentication or other verification processes will need to reach out to the identity provider in charge of managing the SSO account (usually the same people who manage your workplace email account).
Contact DF Studio
As always, if there are questions about accessing or using DF Studio that you can’t resolve, send a message to DF Studio Support and we’ll be happy to help.