While protecting information is a necessity, requiring MFA through phones without allowing users to opt-out shows little consideration for small companies. Every single option provided requires the use of a phone. Unilaterally deciding that all companies have phones available for every person (or even just every person that works in the email marketing account) is remarkably out of touch with a world that has drastically shifted to email and virtual meetings for communications. Not every person in a small company is provided with a phone – desk or mobile. We cannot require that employees use personal devices for work purposes. So now, small companies have two options. 1) waste money to provide all employees who use Constant Contact with a phone just to be able to access the site, (which is particularly difficult as many budgets were cut due to the pandemic currently raging) or 2) reduce the amount of people who have access to the account and can perform their required job duties. Neither option is appealing nor necessary. We need to be able to unenroll so that all of our staff can continuing performing their job duties. If you absolutely must require us to use MFA, then you have to provide options that do not all require the exact same capabilities. Six options that all require the same tool is one option dressed six different ways. A very simple addition – one that is used for authentication on a wide variety of sites – is to simply send an email with a verification code.
... View more
