Here at Campaign Monitor, we’re focused on building a beautiful best-in-class email experience that’s accessible to all marketers. We’re also committed to regularly improving security and reliability in our products, keeping Campaign Monitor a safe and trusted platform that lets you not only deliver fast and consistent email, but continue to build and nurture rich relationships with your subscribers.
Secure custom domains
For all customers, any custom domains set up and verified in Campaign Monitor will ensure all account and email-related links route through a secure (HTTPS) protocol.
For more information about setting up custom domains in Campaign Monitor or what they are, read our custom domains resource article.
Given heightened awareness of security on the internet, web browsers across the board, like Google Chrome and Mozilla Firefox shown below, are taking action to make sure people know when links they visit are not secure. Not only are the warnings off-putting to subscribers, insecure links can also pose security risks in your account.
Google Chrome’s new warnings for insecure links vary in severity:
Firefox is also making it very clear when your connection is risky:
With our secure custom domains, your links are routed through a TLS certificate to ensure your subscribers have a secure and uninterrupted experience and that your account remains protected while optimizing your account for branding or whitelabeling. This includes subscription links, content links in your email, and any account-related links like account signups and your login URL.
The best part? Secure custom domains are available in your account for free and require no additional setup. Through our partnership with Let’s Encrypt, https will be enabled automatically once your custom domain is verified in your account, and if you’ve previously verified a custom domain, it is now secure and routes through https — no additional steps are required on your end!
reCAPTCHA on subscribe forms
Say goodbye to spambots! For all of Campaign Monitor’s provided subscription options, including the copy/paste subscribe form, hosted subscribe form, and embedded subscribe button, we have automatically added an extra layer of security via Google’s reCAPTCHA service.
reCAPTCHA forms have proven to significantly reduce spambot attacks and blacklistings, helping ensure optimal deliverability as well as GDPR compliance and require no setup to enable on your subscribe forms or buttons.
Note: if you are using the HTML copy-paste forms, it’s recommended that you update your HTML code for added security on top of the reCaptcha.
Two-step verification (also known as two-factor authentication) is an extra security step in your login process. As soon as you log in to your Campaign Monitor account with your username and password, an additional code is delivered to an authenticator app on your phone that’s required to successfully log in. Even though it’s an extra step, we strongly recommend it as the security benefits are worth it.
We’re fully committed to continuously improving the security and reliability of Campaign Monitor, making it the most secure experience for both you and your trusted subscribers.
If you have any questions, don’t hesitate to reach out to our friendly support team!