The invention discloses a dynamic digital copyright protection method based on dual identity authentication, comprising the following steps of: downloading a digital certificate of a user into a USBKEY internally provided with a random number generator; when a user logins, after placing the USBKEY into a client end, activating the USBKEY according to the input PIN code command, acquiring the digital certificate in the USBKEY, when the digital certificate is valid, generating a random number sequence by the random number generator, when the signature information of a signature of the user to the random number sequence is right, playing or downloading media works files on line according to the user right specified by an expansion item of the digital item; and when the user does not login, after placing the USBKEY into the client end, activating the USBKEY according to the input PIN code command, acquiring the digital certificate in the USBKEY, and when the digital certificate is valid, playing media works files off line according to the user right specified by the expansion item of the digital item. The method can restrict the user use right and divide the user right range and is used for authenticating the off-line state user identity to prevent off-line diffusion.