You may have noticed a lot of high profile website hacks in the news recently. It looks like ESPs are a new target for these types of attacks. We're working to prevent this from happening to us. They say it's impossible to protect yourself 100% against determined hackers. We think that's true, but we'd feel really bad if we didn't at least try. Here are some of the features we offer to help you keep your account secure:
- If you're changing your password, you have the option to use a strong password generator to create a really hard-to-guess password.
- We monitor logins and ask security questions whenever we think something weird is going on with your account. Kind of like an online bank might do. This means you might see a random security question pop up when you log in. Or if you haven't logged in in a long time, we may ask you to set one up.
- You can activate account security notifications to get text messages or emails whenever changes are made to your account that affect security.
- We created an app called AlterEgo to allow you to add multi-factor authentication to your MailChimp account quickly and easily. In addition to your account password, someone would need to know the current AlterEgo passcode for your account in order to get in. Bonus: A 2% discount is automatically applied to any account using AlterEgo.
- You can add as many API Keys to your account as you'd like, so you can create a separate one for every app or integration, and each can be selectively disabled. Labeling each API key for each device or app that connects to your account via the API makes revoking a specific app's access easier. Head to Account > API Keys and Authorized Apps to manage your API keys.
- If you lost a mobile device with an app connected to your MailChimp account, you can disable the app on the same page as API Keys. Click here for more information about mobile device security.
For more information about security, check out our Email Security Guide. If you think your account has been compromised, don't panic. Head over to our guide on how to handle possible breaches if you think this has happened.