Apr 2, 2015

Transitioning from AlterEgo to Google Authenticator, Plus Other Feature Updates

This week, we rolled out an update that affects the way many of you access—and protect—your MailChimp accounts.

The biggest change is that we’re phasing out AlterEgo, an app we built several years ago to help our users and employees secure their accounts with 2-factor authentication (2FA). In its place, MailChimp will now integrate directly with Google Authenticator—an application that has become the 2FA industry standard. This change will allow us to provide our users with a standard method of implementing 2FA in their accounts, without sacrificing any of the important security benefits that AlterEgo offered. It also frees up our engineers to focus more of their time on improving MailChimp.

(And don’t worry, AlterEgo users: When you make the switch to Google Authenticator, you’ll continue to receive a 10% discount for making your account—and the email ecosystem in general—more secure.)

Read on for the backstory and to learn how to make the switch from AlterEgo to Google Authenticator. Later in this post, we’ll touch on a few other changes included in our latest feature release.

The backstory

We developed AlterEgo out of necessity in 2011. We were looking for a 2FA solution to help add an additional layer of security to MailChimp accounts, but at the time, no product was able to offer the balance of security, usability, and features that we wanted. So we built our own.

In the years since, 2FA has become significantly more commonplace, which is pretty exciting. From email clients to social media networks, a growing number of websites and apps have implemented it to help protect users from online attackers, phishing attempts, and insecure passwords. And, as support for 2FA has improved around the web, so has the quality of 2FA products.

Leading the charge has been Google Authenticator, a time-based, algorithmic application that generates a new, random passcode every 30 seconds to help ensure that you’re the only person able to access your account. It’s simple, reliable, and—most importantly—secure. And since it’s the industry standard, it makes sense for our customers to use Google Authenticator with their MailChimp accounts.

Switching to Google Authenticator

Configuring Google Authenticator in your MailChimp account is easy. Just log in to MailChimp, click your profile name to open the account panel, and choose Account. Then, select Account security from the Account settings drop-down menu, click Configure Google Authenticator, and follow the instructions to complete the connection. That’s all there is to it. Once Google Authenticator is configured, you’ll be prompted to enter a freshly-generated passcode each time you log in to your MailChimp account.

authentication

You’ll have the option to enable Google Authenticator for all of your connected MailChimp accounts and make it a required step for each of the different user types associated with your account, just like with AlterEgo.

Screen Shot 2015-03-30 at 10.22.56 AM

AlterEgo will remain active for the next 3 months. If you don’t switch to Google Authenticator by July 1, you’ll lose your 10% discount and the additional security of 2-factor authentication.

Odds and ends

This release also includes a few other noteworthy updates.

  • We’ve made several improvements to automation, including workflows triggered by subscribe date, API calls, or when a subscriber joins/leaves a group. Read more about that here.
  • Two of the most common requests we’ve received following the introduction of the subscriber popup form have been for the option to modify the form’s max-width and the ability to change the color of the form’s Close link. In this release, we’ve added both of those features. They can be edited from the form builder’s Settings and Design tabs, respectively.

We’ve also created a handful of new Basic template layouts, improved the process for setting default merge values and date/phone number formats within your list, moved the reCAPTCHA checkbox from the signup form over to a customizable page on the opt-in confirmation step, added several new notifications to the pre-delivery checklist on the Confirm step of the Campaign Builder, and updated a few other things behind the scenes.

Phew! Deep breath.

These features are now available for all MailChimp users. As always, we’ll be listening closely to your feedback, so let us know what you think.