So logged in from the SAME laptop via the SAME ISP with a STATIC IP and so everything, that is E-V-E-R-Y-T-H-I-N-G identical, and I get a; "We detected a new login from your account iainhu from a device that we didn't recognize" message.
I appreciate you trying to detect fraud, but it doesn't seem to be working and I have used this client many times before
It would appear that Constant Contact either does not care about this issue or has no intention of resolving it. As of today, I STILL get a notification of login even when logging in from the same static IP we always use.
Hi everyone, thank you for your patience as we continue looking into this experience. This email may come in case the browser cache was cleared or VPN was used. In fact there are a few details we would like to collect:
Browser type and version are you using?
Did you clear cookies before logging in? Or login through a VPN?
What sort of plugins or extensions do you have enabled on you're not working in incognito?
"SAME laptop via the SAME ISP with a STATIC IP and so everything, that is E-V-E-R-Y-T-H-I-N-G identical"
and your suggestion is clearing browser cache or using VPN. Sorry, does "static IP" not mean anything to you?
Just to be 100% clear as clearly that explanation is clearly not enough...
Yes it was the same laptop
Yes it was the same browser
No I have not cleared cookies
No I do not use a VPN to access the net
No I am not on a dynamic ISP allocated IP, I have and use a static IP
I am using Firefox. Version obviously advances at pretty regular intervals
No I do not use any kind of plug-in or incognito add-on
So you see, when I said "everything, that is E-V-E-R-Y-T-H-I-N-G identical", I meant everything and did not mean I'd changed something. I have 20+ year experience on web apps dev and online security and so I understand what a persistent cookie is, I understand device fingerprinting, although no, I've not yet looked to see quite what you are trying. Suffice to say, you trigger false alerts. Better than no alert I guess, but not what you're aiming for.
Has there been resolution to this, or an opt-out feature/setting created. It should not rely on IP or cached information if the paying user/customer wants to disable it.
The MFA process needs some time to learn your device and what a “normal” login looks like for your organization. So, when it’s initially turned on you do get prompted more than you would under normal circumstances. If you still find yourself getting prompted for your MFA method on every login and you normally log in on the same device/network every time, that is not working as intended. Make sure you are not using an Incognito window every time, or please contact our support team to work out what the problem may be.
I do not have MFA turned on, and I've been a client using the same account for two years and I get these alerts every single time I log-in. I always have. It's alarming to get a new sign-in notificaiton, because if I'm not paying attention to when I accessed the system, I am actually concerned and have to figure out if it was me or not. It also doesn't help that the time zone it reports it in is never my time zone.
So is there any resolution on getting these to stop coming in, or making the system recognize me? Because I've never not had this alert happen.
Our Feedback board is changing! From updated statuses to clearer processes, we're working to improve the conversation between you and our Product teams