Looking for the latest product updates? What's new for Spring 2024 is now available!

Ability to un-enroll from MFA

I couldn't even reply to this without jumping through your 'hoop'. I don't care your reasoning. I think we should have the option of opting out. I now have to figure out how this will work with our elderly people who don't have cell phones. Ridiculous! Did your insurance company demand you do this?

 

 

Top Answer
Kyle_R
Administrator

Hello,

As part of our new and updated feedback statuses, we wanted to update this idea to Acknowledged. There is a lot of feedback within this one thread in particular, some of which was implemented, a few things planned to be improved, and a few that most likely won’t be planned for in the near future.

First, some additional background information and more information as to the “why” of this change. From some of the comments, it feels like that question hasn’t been answered sufficiently. What’s so important and secure about email newsletters anyway? This had to do with a rise in attempted account takeovers the last several years. That is, a bad actor has somehow gained access to some account credentials and attempts to get into your account to send a spam or phishing email to your customers - potentially looking like it is from you. To be clear, this wasn’t due to any sort of Constant Contact breach, but potentially re-using credentials for your account that were no longer secure. Spam is a lucrative industry, and your Constant Contact account can be a valuable target because given our sending reputation, bad actors gaining access to Constant Contact have a better chance of hitting the inbox and getting their malicious messages read. Especially if it comes targeted to your list, looking like it is from your organization. So adding additional security measures protects your business, your subscribers, and it protects our service to ensure only legitimate permission based mail is being sent out. In this sense, the addition of MFA has been a big success to stop these kinds of attempts.

Now to address some of the feedback. Admittedly, this was quite a big change in a small amount of time. Some organizations shared one set of account credentials for all users of the account, so the need to change behavior to add additional individual users was new and taxing. It's worth noting that if you add more users to your account they can have their own MFA device for authentication. The MFA process also needs some time to learn your device and what a “normal” login looks like for your organization. So, when it’s initially turned on you do get prompted more than you would under normal circumstances. If you still find yourself getting prompted for your MFA method on every login and you normally log in on the same device/network every time, that is not working as intended. Make sure you are not using an Incognito window every time, or please contact our support team to work out what the problem may be.

We have made changes to our MFA roll-out plan due in part to the feedback we received. We are working on the ability for self-recovery of MFA tokens, so if you lose your old device or need to update your MFA device you can do so without contacting our support team. All feedback received is actively reviewed and considered. We will continue to assess this feedback and make changes accordingly, which we will communicate to this thread.


176 Comments
PaulA2750
Campaign Contributor

Im so Fxxking tired of the stupid - worthless verification code BS I cant wait until we leave CC.

 

I keep getting messages from CC from all the other customers who hate this too.

 

When will CC get it ... WE DONT WANT THIS !

 

BTW ... you dont see any comments from people who like it !    

Howard,_WI
Campaign Contributor

I HATE THE MFA! I never asked to have that security feature added to our account. I wasn't given the option to have it added, and now I'm being told there is no way to disable it. I am the only person who uses our Constant Contact account, and I do it solely to send one monthly newsletter a month and maybe an occasional news/promo blurb. It is not worth the incredible inconvenience of having to receive a verification text EVERY TIME I LOG INTO THE ACCOUNT, which also then generates a confirmation email. I do not need extra texts/emails or extra steps added to complicate what should be and has ALWAYS been an easy process. We never had any security/spam issues and don't see any benefit of this feature. I want the MFA disabled immediately. In the future, when you add services/features, you should MAKE THEM OPTIONAL for your customers. 

i am having trouble turning this off
Frankie_P
Moderator

Hi @Edith.Patterson

 

At this time users do not have the ability to opt-out of multi factor. We have however merged your post into a larger thread focused on this feature request.

SenatorJarvis
Rookie

As a member of the North Carolina General Assembly, every member has this service offered to them. With the new MFA and no option to opt out, this will now create a headache for staffers and the elected officials because of the rigorous and tedious process looking for a code to be sent to one phone when multiple individuals are using the account at once. 

 

If there is no opt-out for MFA within the next 24 hours, I will be moving forward with my collogues to having the state of North Carolina cancel the constant contact agreement and be searching for a new service ..... and quickly.  

Howard,_WI
Campaign Contributor

WOW! First, thank you for merging my comment into this thread so I can see just how many complaints you've received and just how long these complaints have been coming to you with absolutely no effort to address the issue. I now will join the numerous others who have promised to find a different service. You say you are compiling the feedback you've been given. Since it has been over six months of the same complaints flooding your inbox, I would suggest you finish compiling and make the decision to make the MFA service OPTIONAL with an immediate disable feature for those who have asked for it. From what I've read, you have already lost A LOT of customers over this ridiculous issue and you are about to lose more, including me. 

RobertP4584
Rookie
how can i get rid of your annoying popups that ask me a question every time I log in? I am so sick of having to close little boxes that are in the way, the chat box, the Refer a Friend box, etc. Once I have closed it several times, your software ought to know I am not interested and should remove it. Your software is the most annoying i have ever subscribed to. I am considering posting these issues on public forums to see if others have had the same thoughts. That would be bad for your image, but I am sure there are lots of users who don't enjoy popups in their face every time they start up.
ArborMasters
Rookie
How do I remove this option?
Frankie_P
Moderator

Hi @ArborMasters

 

We apologize, at this time users do not have the ability to unenroll from multi-factor authentication. It is however a feature request we are collecting feedback on.

We have multiple users and need this turned off somehow. It's set to call one phone. That doesn't work for us. How do I turn it off?
Updates
Introducing our new Feedback area

Our Feedback board is changing! From updated statuses to clearer processes, we're working to improve the conversation between you and our Product teams

Visit the Blog
Upcoming Webinars
Mar 28
Making it to the Inbox in 2024: What’s changed and what hasn’t
2PM - 3PM EST
Announcements
What's New?

See the latest Constant Contact product release notes and updates.

Learn More