On your next attempt to login to TurboSquid (if you haven’t seen it already), you will notice a distinct difference to the experience. As a result of the recent Security Breach that impacted a number of artists, TurboSquid has implemented security features with both artists’ information and access to downloads in mind. This is designed to provide you with more control, while also preventing anyone from accessing or using your account, even if they know your password. It is important to keep in mind that no account is completely secure, but we feel that this is a solid step toward decreasing any vulnerabilities related to accessing private information.
Enabling 2-Step Verification
As an artist, you will be presented with a landing page on your next attempt to log in to TurboSquid.com. This page provides details on how to authenticate devices associated with your account.
To enable, click the Enable 2-Step Verification and you will receive an email with a code. Upon entering that code, your machine will be verified. You can also choose to have the code sent to your phone, which will require you to verify if you attempt to login to TurboSquid. Once you have entered the verification code, your “Authorized Devices” list will be updated on your My Account page.
In the future, you will only need your password when logging into TurboSquid on any authorized device.
If you wish to change this option, Enable or Disable 2-Step Verification is always available on your My Account page on TurboSquid.
Managing Your Devices
In the event that you need to make changes to the devices you have authorized relating to your TurboSquid account, we’ve made it as simple as possible. Just visit your My Account page and click to have a device removed from your Authorized Devices list. Keep in mind that if you remove the device you are currently on, you will be immediately logged off of TurboSquid.
Devices can be removed and re-added, however, you will be prompted to go through the two-step verification process once again.
Customer Download Security
We have determined that 99.99% of customers do not download files more than 30 days after the purchase of a 3D model.
To tighten the security of downloads, the ability to download files from purchases older than 30 days has now been disabled. Customers will be allowed to request access using their verified email. Once the customer has verified their email, a link allowing downloads for the next 24 hours will be provided.
Security Breach Wrap-up
The implementation of these features complete that which we set out to develop in response to the security breach. We have and will continue to monitor site and account activity.
The authorities were provided with all of the information relating to the breach. Their investigation remains ongoing.
It is important that only you have the ability to access your account details, update your password, and access to payment data and published content. Please contact TurboSquid Support if you have any further questions about these new security measures.