Resources Hub » Blog » New Security-Minded Features from Campaign Monitor by Marigold Campaign Monitor

This post was originally published in August 2018, and updated in October 2023.

At Marigold, we’re committed to keeping Campaign Monitor a safe and trusted application through our ongoing investment in security and reliability.

Over the last year, our product teams have been hard at work delivering a range of new features and product enhancements focused specifically on data privacy and security. These are available now across all account types to benefit all customers.

New reCAPTCHA updates to subscribe forms

Say goodbye to spambots! Whether you’re using a copy/paste subscribe form, a hosted form, or an embedded subscribe button to collect new subscribers, we’ve added an extra layer of security via Google’s reCAPTCHA service.

Implementing reCAPTCHA forms shows a huge reduction in spambot attacks and blacklistings, improves deliverability, and is essential in GDPR compliance.

Note: if you are using the HTML copy-paste forms, it’s recommended that you update your HTML code for added security, but you will still benefit from the updated Captcha until you update your form code.



Two-step verification

Two-step verification (also known as two-factor authentication) adds an extra security step to your login process. Once you log in to your account with your username and password, an additional code is sent to an authenticator app on your phone that’s required to successfully log in. 

Account administrators can also work with our engineering team to apply a mandatory two-factor authentication policy to all users (or just to all administrators). Alternatively, customers will be able to go to an in-app security page and manage two-factor authentication themselves

Reach out to your Account Manager or contact support for more information.



Subscriber permission

Under the GDPR, obtaining permission requires that any processing be done with lawful purpose. Of the options outlined by the regulation, permission is best suited to marketers and their subscribers. We’ve updated our subscriber-related features to take into account how GDPR has updated the definition and practical application of getting that permission.

Now, you can ask for permission right from your HTML subscribe forms. You’ll also be able to link to your privacy and cookie policies if you have them, directly from the form. Existing subscribers can change their own permission and subscription settings in their preference center, providing you enable the option to do so.

Extending the security of our API


provides you with the flexibility to adapt the Campaign Monitor experience to suit your specific needs. To protect your data, we have always protected API access with either OAuth or an API key authentication to prevent against any unwanted access. And now extending this, we have made two additional security updates to our API.

Firstly, to further protect your data, we recently took steps to strengthen the security of the Campaign Monitor API key format and added the ability for customers to easily update their own API key. The new key is longer and uses the latest encryption techniques.

Secondly, we have discontinued APIs that do not encrypt your data as it moves across the internet. We are now solely focused on supporting HTTPS, an encrypted version of HTTP, which offers an extra layer of security for communications between a client and server, further protecting potentially sensitive information.

Wrap up

These updates are available to all Campaign Monitor customers and they’re built to heighten account and data security and help you gather consent from your subscribers, ultimately providing a more secure email experience from signup to send. For more information, feel free to contact our team.

The top drag and drop
The top drag and drop

Drag and drop content into place with the Email Builder, then launch your next campaign.

Learn More

Case Study

How 1440 Media used email marketing to gain 1M+ subscribers and a 55%+ open rate.
Learn how
The email platform for agencies

The email platform for agencies

We started out helping agencies with email, so let us help you.

Learn more
This blog provides general information and discussion about email marketing and related subjects. The content provided in this blog ("Content”), should not be construed as and is not intended to constitute financial, legal or tax advice. You should seek the advice of professionals prior to acting upon any information contained in the Content. All Content is provided strictly “as is” and we make no warranty or representation of any kind regarding the Content.
Press CMD+D to Bookmark this page

Get started with Campaign Monitor today.

With our powerful yet easy-to-use tools, it's never been easier to make an impact with email marketing.

Try it for free