Looking for the latest product updates? What's new for Spring 2024 is now available!

Use Email As An Option for Multi-Factor Authentication

No email option for MFA? Those without a direct phone number / smart phone will have to use another mail service.

Top Answer
Frankie_P
Moderator

Update August 2022: Multi-factor authentication is an industry standard that is used by many online services to keep their customer’s data secure. Given the types of data available in your account, including your contact lists and sensitive billing information, we are requiring all accounts to set up MFAto protect your business or organization.

 

We are considering additional features to make MFA easier to manage. There are no immediate developments happening, but we are continuing to share the feedback. 


23 Comments
Frankie_P
Moderator

Hi @LaineH0

 

At this time we do not have a time estimate of when this feature will be available. Does having the users on your account enable their own authentication help fit your needs in the meantime?

CynthiaC4
Campaign Collaborator

It is NOT fair that employees must use their PERSONAL device to log in to a service that their employer uses.

And keep in mind, that since COVID, not all employees work in-office any more, so having a phone call going to main switchboard everytime someone needs to use the service is not practical or feasible. What do you want... every time we need to send something, we have to disturb the office secretary with a phone call... they get the code and then have to call us at our desk with a code? RIDICULOUS!

You need to either give the customer the option to NOT use the 2-factor system, or have the code sent via email.

I understand the concern for wanting to keep our Constant Contact site secure... but I'm more concerned about opening up my employees PERSONAL devices... make them vulnerable to the same "attack" you are worried about.

 

TribuneNewspapers

 

RPLMarketing
Rookie

I log in to Constant Contact from the same 2 computers for years and now I have to verify that these two computers are valid?!! And because we don't have work cell phones I have had to give my personal cell phone number just in order to do my work. I do not include my cell phone number anywhere in my personal web browsing activity. I don't want it out there.  Why can't we have email verification?

AngelaG63
Marketing Legend

I do NOT like using my personal cell phone to authenticate. We should have a work email option! We people are accessing the same account, and in order to sign people in, I need to have them let me know that they will be sending me a code and then I have to send them the time-sensitive code back to just log in. Worst change ever!

Frankie_P
Moderator

Hi @AngelaG63

 

Thanks for sharing your feedback on this request. With that said, the good news is your users all have their own login on your account and can all set up their multi-factor authentication with their own devices

ErinP5
Rookie

Please allow emailing as an option for MFA and only require it once a month or every 90 days and NOT EVERY SINGLE TIME we try to log into our account. We have multiple users using our CC account and not everyone is comfortable sharing their phone number or downloading an app. We also still need to use someone's personal cell phone for the main account holder. All of this has become increasingly cumbersome for our team and has forced us to explore other options.

AlanW620
Rookie

This MFA without email is ridiculous. 

 

You didn't do this for security, if you did - it would have an email option.  Also having to call in to change the MFA number is straight out of 1990.  

 

Your a technology company.  Act like it.

 

Without an email option, we will be going eslewhere...as should most companies.

LoriS401
Brand Influencer

at least to verification via email, so we dont have to be slaves to our cell phones and so we dont have to feel that you are privacy invading by demanding to know where we are (traceable phone tracking) ? also, how about you make it easier for us to get into our account even when we dont have cell phone service, such as when we are on a plane?  Did you even think of that, ie, making it EASIER , NOT harder, for your customers to do our work in CC?

JanineD71
Campaign Contributor

Your SSM is the worst. I am working on an ad and scheduled it. I logged out. I have not moved from my desk or ISP to have any location changes. I l closed the browser and realized I need to check something. Logging back in I have to start all over again with the SSM authentication. If you are going to force a service on us that most don't want and we can't opt out, at least to have it work. 

You could at least have it an e-mail option to receive the SSM. Not everyone has their phone with them at all times. REALY REALLY inconvenient. 

Lightcentre
Rookie

You MUST, immediately, add email as an option. Your current system requires a mobile phone. This is not enough. We have several of our users, who were able to access the site last week, suddenly locked out with no means for an admin to reset their MFA. Honestly, this is terrible, ill-thought out and liable to damages as many are paying for a premium service that our users can no longer access! Fix this immediately. 

 

In addition to this, as you're an international company, why is your phone support only on US time? There is a large portion of the rest of the world that cannot wait for the US to wake up.  

Updates
Introducing our new Feedback area

Our Feedback board is changing! From updated statuses to clearer processes, we're working to improve the conversation between you and our Product teams

Visit the Blog
Upcoming Webinars
Mar 28
Making it to the Inbox in 2024: What’s changed and what hasn’t
2PM - 3PM EST
Announcements
What's New?

See the latest Constant Contact product release notes and updates.

Learn More