Multi-factor authentication for accounts

Hi @PAULH30,

Thank you for your feedback. This is an excellent idea. I'm going to take this back to our design team. I'm also going to open this page for voting so that other customers can voice their feedback too.

Thanks!

Rob L.

We are having the same issue. Since Constant Contact does not offer 2 Factor do you recommend a workaround including a third party vendor?

Over the last week, I've seen multiple phishing attacks using what appear to be compromised Constant Contact accounts.  It's possible accounts have been compromised through password spraying or using credentials that have been obtained from other breaches (password reuse).

Since Constant Contact is considered a trusted platform, phishing emails may bypass some of the usual controls.

While 2FA isn't a panacea, it prevents accounts from being easily compromised using the methods I mentioned above.

2FA at a minimum. We would love to use SAML authentication so we can integrate with our identity management provider and their 2fa options/policies.

I agree, having the option to use SAML would help with access management.  Having the option to require SAML would be a plus.

Hi -- it's been almost a year since this thread was opened. Does Constant Contact offer an option yet for 2FA?

I would like to suggest that two-factor authentication support be added to your product.  Our account was recently hacked and an embarrassing was sent out.  

We need to secure our environment beyond username and password.

Any updates on two-factor? This has become a deal breaker for us, but we'd rather not go through the work of switching providers.

2FA should be implemented as soon as possible. As one of the larger email marketing providers and therefore a target, this must be a priority for constant contact. We will be forced to move to a different company if its not brought in soon, our customer list is too valuable. 

Very unfortunate.  We setup an account today that we will be closing since no strong authentication options are available.

For security purposes, it would be a good idea to have dual factor authentication when we log into Constant Contact.  Maybe have a code sent to a phone number to add to our passwords?

I want to bump this, but also wanted to put forth the idea that if you add 2FA for smartphone devices please add a 3rd 2fa option for other that smartphones as what happens a lot is people use their personal smartphones for this and then leave the org, and the org has trouble regaining access to the account.  So some other option besides smartphone should be made available as well.

I agree with TimF30 - It would be helpful to add an additional option for 2FA in case the primary user is away on vacation or leaves the firm.

Does Constant contact has two-factor authentication. If no, please introduce 2FA ASAP.

Hi @LarryL7067 multi-factor authentication is a new feature we currently have in beta. We also offer users the option to opt in if they request to. If you would like to be included in this beta testing please call into our phone support for further assistance. One of these agents can help take any necessary steps while maintain your account security.

Hello everyone. We introduced multi-factor authentication to customers in November 2020. We will be closing this idea. Thank you for your feedback!