• Constant Contact Logo

Ability to un-enroll from MFA

Status: Acknowledged Submitted by on ‎08-19-2021 10:26 AM
173 Comments (173 New)

I couldn't even reply to this without jumping through your 'hoop'. I don't care your reasoning. I think we should have the option of opting out. I now have to figure out how this will work with our elderly people who don't have cell phones. Ridiculous! Did your insurance company demand you do this?

 

 

Top Answer
Kyle_R
Kyle_R
Administrator

‎Nov 22, 2022 8:53:14 AM

Hello,

As part of our new and updated feedback statuses, we wanted to update this idea to Acknowledged. There is a lot of feedback within this one thread in particular, some of which was implemented, a few things planned to be improved, and a few that most likely won’t be planned for in the near future.

First, some additional background information and more information as to the “why” of this change. From some of the comments, it feels like that question hasn’t been answered sufficiently. What’s so important and secure about email newsletters anyway? This had to do with a rise in attempted account takeovers the last several years. That is, a bad actor has somehow gained access to some account credentials and attempts to get into your account to send a spam or phishing email to your customers - potentially looking like it is from you. To be clear, this wasn’t due to any sort of Constant Contact breach, but potentially re-using credentials for your account that were no longer secure. Spam is a lucrative industry, and your Constant Contact account can be a valuable target because given our sending reputation, bad actors gaining access to Constant Contact have a better chance of hitting the inbox and getting their malicious messages read. Especially if it comes targeted to your list, looking like it is from your organization. So adding additional security measures protects your business, your subscribers, and it protects our service to ensure only legitimate permission based mail is being sent out. In this sense, the addition of MFA has been a big success to stop these kinds of attempts.

Now to address some of the feedback. Admittedly, this was quite a big change in a small amount of time. Some organizations shared one set of account credentials for all users of the account, so the need to change behavior to add additional individual users was new and taxing. It's worth noting that if you add more users to your account they can have their own MFA device for authentication. The MFA process also needs some time to learn your device and what a “normal” login looks like for your organization. So, when it’s initially turned on you do get prompted more than you would under normal circumstances. If you still find yourself getting prompted for your MFA method on every login and you normally log in on the same device/network every time, that is not working as intended. Make sure you are not using an Incognito window every time, or please contact our support team to work out what the problem may be.

We have made changes to our MFA roll-out plan due in part to the feedback we received. We are working on the ability for self-recovery of MFA tokens, so if you lose your old device or need to update your MFA device you can do so without contacting our support team. All feedback received is actively reviewed and considered. We will continue to assess this feedback and make changes accordingly, which we will communicate to this thread.

Read more

173 Comments
RebekahR958
Participant
‎06-30-2022 04:17 PM
‎06-30-2022 04:17 PM
I don't want to have multi-factor authentication on my account. Please tell me how to disable this feature. Thank you.
DDLsea
Participant
‎07-01-2022 06:26 PM
‎07-01-2022 06:26 PM

I don't want Multi-factor authentication.  You are forcing Constant Contact users to opt into something that will make work so much harder for us. We are looking at other service providers.

GregoryA91803
Regular Participant
‎07-28-2022 09:58 PM
‎07-28-2022 09:58 PM
This is TOTALLY UNACCEPTABLE. We'll start looking for another service right away. I sometimes log in for the email newsletters and don't have my cell phone available, or I have internet service but no phone service, and this will TOTALLY BLOCK ME from using a valid account that I pay a LOT of money to you to have. Either change this, or WE'RE OUT OF HERE ASAP. Please respond to this message so that I can see where there is a real person reviewing or this, or it has become so automated that there is no point in us dealing with constant contact anymore. BTW, I use ACT contact management and can get the email service for FREE with my acct, so that I don't have to pay constant contact for this at all. Straighten up and Fly Right,, or get back to me on how you're going to rectify this. Gregory Absten
Frankie_P
Moderator
Moderator
‎07-29-2022 03:05 PM
‎07-29-2022 03:05 PM

Hi @GregoryA91803

 

At this time users do not have the ability to opt-out of the multi-factor authentication. We apologize for any inconvenience this may cause and recommend you to vote or comment on the following posts so our teams can better understand what our customers are looking for to make this process simpler.

 

Update MFA method directly in accounts

Use email as an option for MFA

GregoryA91803
Regular Participant
‎07-30-2022 08:13 AM
‎07-30-2022 08:13 AM

AGREED - Dump the mandatory MFA. Maybe us users should create a TRIPLE factor authorization now for constant contact that they have to jump through each month if they want to process our credit card payments. ...... maybe better just vote with your wallet and go somewhere else. My ACT program is giving me free E-Newsletter capability as part of our ACT subscription.

ZandraJ6
Occasional Participant
‎07-30-2022 08:42 AM
‎07-30-2022 08:42 AM

Please allow us to opt out of MFA.  My list is not that critical.  Please.  This is a waste of time.  Furthermore, I'm not someone who wants to be tethered by a mobile phone or my email account just to login with a pin.  In addition, when I do go to my email I don't want to have to delete your redundant email notice.  Please give us the option to assess our data and decide whether we need MFA. 

KayM827
Participant
‎08-15-2022 08:00 AM
‎08-15-2022 08:00 AM

As an account holder, we need the ability to opt-out of the multi-factor authentication.  It's totally unnecessary that I have to authenticate my account when using the same computer everyday. 

FredrickP
Participant
‎08-17-2022 04:18 PM
‎08-17-2022 04:18 PM

DO NOT REQUIRE MFA. THERE NEEDS TO BE A TURN OFF BUTTON. NOT ONLY IS IT DIFFICULT TO SPEAK WITH A REAL PERSON, BUT THEY HAVE THE MOST ANNOYING RECORDING. NOT PLEASED.

SandyS374
Participant
‎08-22-2022 02:03 AM
‎08-22-2022 02:03 AM

Multi factor has prevented our team from successfully sending blasts too many times to count. With so many people on the team having to call one number, we are currently pursuing other email platforms.  If Constant Contact truly valued my privacy and security, they would NEVER entertain allowing a "login from Facebook" or "login through Google"  This is NOT about privacy and security.  The multi-factor is ONLY ABOUT ACCESS to my location, phone number and other personal information Constant Contact has NO RIGHT OR NEED FOR!  Ridiculous. 

SafetyResourceAssociates
Regular Participant
‎08-31-2022 02:27 PM
‎08-31-2022 02:27 PM

Please develop an option to stop sign-on notifications from Constant Contact.

Maybe there are situations where several people are collaborating on a campaign, but when it's just me going in and out of Constant Contact to work, the unending notifications from CC fill up my inbox. Please make a way for us to CHOOSE whether we want certain notifications. Perhaps there are some we do want, and some we don't - other software platforms offer these. Thank you.

Updates
Introducing our new Feedback area

Our Feedback board is changing! From updated statuses to clearer processes, we're working to improve the conversation between you and our Product teams

Visit the Blog
Announcements
What's New?

See the latest Constant Contact product release notes and updates.

Learn More