Myriad v5.27 introduces the ability add additional security to prevent unauthorised users from accessing Myriad either locally via Myriad Playout, or remotely via Myriad Anywhere.
Sometimes known as a "2FA" or "MFA" (2-factor Authentication or Multi-factor Authentication) this requires you to enter a PIN code as well as your username and password. This PIN Code is generated by a special type of mobile app that must be installed on your mobile phone and that only you have access to, and the code changes regularly to ensure that even if someone does see that code, it will have expired before they can use it.
Important Note: You must update Myriad Playout and Myriad Remote Edit Server to v5.27 or higher to use this feature.
Myriad RVT: One-Time PINs are not available with Myriad RVT due to the way this application connects to Remote Edit Server. If you still have users using Myriad RVT and want to enforce greater security, then we recommend requiring them to connect via VPN before connecting to Remote Edit Server.
Configuring Myriad to use One-Time PINs
In Myriad Playout, click on Settings then User Management, then Directory Settings and you will see the following new options:
First, enter your Company or Station name at the top - this will be shown to users in their Authenticator Apps, so should be something that will explain to them which station this is for, particularly if you have some users who work with multiple organisations.
Next, turn on Enable 'One-Time PIN' (Multi-factor) authentication, then finally choose whether to activate OTP for users who login locally into desktop software such as Myriad Playout, or for users who login remotely into Myriad Anywhere, or for both.
Unless you have a strong security need, it may be better to not require OTP in "desktop" applications as this might cause unnecessary stress for studio users. Of course, if they have physical access to your studio and your station output, chances are you already have a significant trust in them!
Click OK to save the settings. You will need restart Myriad and Remote Edit Server on any other computers for them to pickup this new setting.
When a user next logs in they will be prompted to scan their QR code and setup their Authenticator App. If they need to manage their settings, they can do this from the Manage your One-Time PIN setting on the View menu in Myriad Playout.
If Myriad is set to Try to login to Myriad using the Windows Username option in Application settings, then the user will not be prompted for a PIN as Windows has already authenticated that username.
If you have some generic device logins that you do not want to setup OTP for, then you can bypass this on a per-user basis via this option highlit in green on the Security tab in their User account:
If a user loses access to their Authenticator App you can also clear their One-Time PIN information by clicking the Clear One-Time PIN button shown in red above. This immediately removes their PIN and they will be asked to setup their OTP the next time they login.
For more information on how users configure and enter their PIN codes, please see this article: