error
Feature Updates: Multi-factor authentication released since this video was produced.


Check out this article to learn more.

HomeGetting startedSet up > Account security options
Home > Set up  >  Account security options
Account security options
This lesson covers all the tools you can use to keep your business data secure: passwords, roles and permissions, IP address verification and more.
Instructor Image
Course Instructor
Sara Hetyonk
In this lesson you'll learn:
  • Best practices for creating a password
  • The way to securely share login credentials 
  • How to use Ontraport’s roles and permissions tools 
  • Tips for managing API access 
  • How to set up IP address verification
Comments
[Block//Author//First Name ##cap_first] [Block//Author//Last Name ##cap_first] on [Block//Date Added %F j, Y g:i a%+0d0h0m]
[Block//Comment]
Leave your comment
settings
settings
settings
settings
14-day free trial. No commitment.
Start your free trial to start growing your business with Ontraport.
Related resources
[Block//Resource Type]
[Block//Resource Description ##ellipsis(166)]
arrow_forward
Read more
Transcript
You have lots of tools that keep your Ontraport account and data secure. In this video, I’ll talk about what these tools are and how they keep your business safe.
 
I’ll go over passwords, roles and permissions, API tips and IP address verification. These tools make it harder for hackers to steal your data, impersonate you or delete your account. This is big stuff — so it's important to know how it all works.
 
Let’s get started.
 
First things first — account security starts with your password. The password to your account’s Admin seat gives total access to your account. With that in mind, you’ll want to do three things to keep it secure:
 
First, make your password complex — the longer, the better. We recommend setting a password no less than 10 characters. Use a combination of capital and lowercase letters, numbers and symbols.
 
Once you’ve set your password, don't recycle it on different platforms. If a hacker figures out your password on one platform, they’ll try it everywhere else, too. To keep things secure, pick a unique password for every platform and login.
 
Finally, don’t share your Admin password with anyone — even on your team. Instead of sending your login to a teammate, we suggest setting up a new user seat for them. We’ll cover that next.
 
If you need to share logins, use a secure sharing tool that keeps your password private, like LastPass. Your Admin login is like a key to your whole business. When someone has it, they get complete control over your account and all its data.

Beware though: we’ve had account holders share their logins with virtual assistants via lastpass, only to have the assistant get their Lastpass account hacked… opening the entire account to the hacker.
 
So, a better plan is to use Ontraport’s built-in roles and permissions tools to manage access.
 
Whenever a teammate or consultant needs access to your account, add a new user seat for them. Set it all up so that users have only the required permissions to get their jobs done — no more, no less.
 
For example, designers only need access to your pages and email tools. They don’t need your contact list or sales information, so you can limit their access to that stuff. The same goes for sales reps who need access to your contact list, but not your pages. This is a great practice for managing your team and keeping your account organized.
 
If you want to learn about this in more detail, check out our Adding Users and Setting Permissions video.
 
Now let’s talk about managing API access. Ontraport has a robust API that gives you insane flexibility for custom integrations. This flexibility also comes with unlimited access to your account — which can be risky in the wrong hands. To avoid this, never share your API credentials unless you have to. Even then, make sure you only share it with people you know and trust. Ontraport will never ask you to share this information.
 
Hot tip: Be sure to generate your API key with a user seat that has the right permissions set. Your key will adopt the same access levels.
 
So now you know how to pick a strong password, set your team’s roles and permissions and secure your API. The last thing you can do is require extra verification from any unfamiliar IP addresses.
 
This means that even if someone does get access to your username and password, they won’t be able to log in unless they’re physically sitting in your house or office. And that would be weird.
 
With this feature turned on, users will need to confirm their identity via email before logging in from a new IP. This keeps your account a lot more secure. Even if a hacker figures out your password, they'll also need access to your inbox. Otherwise, there’s no way for them to confirm the login and get into the system.
 
This feature is on by default when you open your Ontraport account — but you can always turn it off, if you’re a risk-taker. To edit your settings for Email Verification or IP Address Restrictions, go to the Security section of your Administration area.
 
Last tip: At some point, you might need to revoke access for a specific IP. Go to Manage Users, click on a particular user and pick whatever IPs you’d like to block.
 
There you go! That’s everything you need to know to keep your Ontraport account safe.
 
This stuff takes a bit of time to understand and set up. But that investment will pay off in the long run by keeping your business safe and secure as you grow.
Get started with Ontraport for free
Start gaining the skills to grow your business faster
settings
14 days free. No commitment.
Google Review Trustpilot Review G2 Review Capterra Review
Get started with Ontraport for free
Start gaining the skills to grow your business faster
settings
14 days free. No commitment.
Features
Company
Resources
Live events
Access
© Ontraport 2024
playlist_add_check
PCI DSS, Level 1
security
Privacy Shield Certified
[bot_catcher]