We are a group of hobbyists managing a mailing list. Mailchimp insists on SMS authentication to login now which has scuppered our plans to spread the workload.

Are there any free / cheap services that would receive a text messages and forward it by email to several people? If not, is there an alternative way to deal with this situation? We’re not necessarily attached to mail chimp but delivery is important.

  • helenslunch@feddit.nl
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    edit-2
    26 days ago

    Can you not use TOTP instead?

    Sometimes you can enter a # for 2FA, then add another method, then remove the phone #.

    The real purpose of the phone number is data collection.

      • helenslunch@feddit.nl
        link
        fedilink
        arrow-up
        6
        arrow-down
        1
        ·
        edit-2
        25 days ago

        Yes, you can use Ente Auth as the authenticator app. You’ll have to copy the token and give it to your coworkers and they can put it in on their end as well.

        Make sure to send securely though, this isn’t the kinda thing you want laid around somewhere, it’s a security key.

  • yessikg@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    2
    ·
    25 days ago

    I hate this trend, I wish companies would have the concept of groups and stop wanting every single person to make an acccount

  • Otherbarry@lemmy.zip
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    26 days ago

    I think Mailchimp just expects each person to have their own account there, each with their own 2FA authentication. Guessing that’s not quite the answer you want :)

    Just took a look at my work’s Mailchimp and we seem to have authenticator and SMS authentication available. Can’t you just set yours to authenticator and share the code amongst yourselves? That seems easiest in your situation unless you also ruled that out.

    My Mailchimp account also has email authentication but that may be because it’s an older account, I don’t see it as an option when I look in the Security options right now. But it’s worth checking if yours has that as an option, then just set that email to a shared email and/or auto forward that incoming email to others.

    Or worst case - Not sure if feasible but maybe a shared google voice account? Services like Google voice can do sms to email so all the incoming texts can come into the email and then you can auto forward or do whatever from there.

    • FarraigePlaisteach@lemmy.worldOP
      link
      fedilink
      arrow-up
      2
      ·
      26 days ago

      I haven’t used an authenticator so this might be a basic question, but: when you say to share the code, do you mean each time we need to authenticate? Most of us keep our phones on silent so we mightn’t be good candidates for that.

      Thank for the helpful reply. I don’t have the email option but as a last resort I could explore Google Voice options in the EU.

      • Successful_Try543@feddit.org
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        26 days ago

        A TOTP app basically generates a token based on a secret key. If you share the secret key between the members of your group, any of them is able to generate the token. Maybe it is even possible to register several authenticators with different secret keys, then you would not need to share the key and, if a device gets lost, you could simply remove the compromised key from the list of valid keys.

      • Otherbarry@lemmy.zip
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        26 days ago

        It’s basically what others mentioned - the code can be a long string you can enter, but usually it’s a QR image representing the code itself (I’m sure Mailchimp is going to give you a QR image when you set it up).

        Most people use a TOTP authenticator app on their phone to take a picture of that QR image & load it into their app. Once the code is generated it does not change so in theory you should be able to share that code or QR image amongst yourselves & load it into your own apps. No data/mobile connection or SMS/email required unless you’re using a specific TOTP app that needs that.

        On Android I’ve used andOTP and Google Authenticator apps with good results but there are plenty of other TOTP authenticator apps if you look around.

        PS - In terms of sharing it, just share the picture of the QR code with whatever screen/image capture tool you like to use. Just keep in mind you don’t want to keep the QR image laying around online, the whole point is to secure your Mailchimp account after all.

        • Successful_Try543@feddit.org
          link
          fedilink
          arrow-up
          1
          ·
          25 days ago

          the code can be a long string you can enter, but usually it’s a QR image representing the code itself

          There is usually an ‘advanced’ option if the ‘QR doesn’t work’ that gives you access to the plain text data.

        • helenslunch@feddit.nl
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          25 days ago

          to take a picture of that QR image

          You really shouldn’t ever be taking a picture of a QR code, you just scan it using the app.

          just share the picture of the QR code with whatever screen/image capture tool you like to use

          No, you share the text key that the QR code represents.

          • Successful_Try543@feddit.org
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            25 days ago

            Beside it’s inefficient to send text data as an image, why does it make a difference?

            If the app has offers option to open an image with a QR code, IMHO it is more convenient, to send the image of the QR code (I’d try ‘save image as’ instead of a screenshot though). When sending text, you and the recipient manually have to copy the information and the recipient also has to paste it into the right field.

            • helenslunch@feddit.nl
              link
              fedilink
              arrow-up
              1
              arrow-down
              1
              ·
              25 days ago

              why does it make a difference?

              1. Because if you scan it, it is saved into your app and not stored anywhere else. If you take a photo of it, it’s saved into your camera roll, which is a security vulnerability. Same goes for the other party.

              2. What is the other party supposed to do when they receive it? They can’t scan their phone screen with their phone camera…?

              • Successful_Try543@feddit.org
                link
                fedilink
                arrow-up
                1
                ·
                edit-2
                25 days ago
                1. Because if you scan it, it is saved into your app and not stored anywhere else. If you take a photo of it, it’s saved into your camera roll, which is a security vulnerability. Same goes for the other party.

                Why should anyone take a camera to take a screenshot or click on ‘save image’? Additionally, the secret key would be stored as well on the messenger app you are using to share the key among the group members.

                1. What is the other party supposed to do when they receive it? They can’t scan their phone screen with their phone camera…?

                Aegis, e.g. can open images containing a QR code and import the key that way. I assume other apps can do the same.

                • helenslunch@feddit.nl
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  24 days ago

                  Why should anyone take a camera to take a screenshot or click on ‘save image’?

                  They shouldn’t, but that’s what you said…

                  Aegis, e.g. can open images containing a QR code and import the key that way. I assume other apps can do the same.

                  Never used one that does that.

  • BearOfaTime@lemm.ee
    link
    fedilink
    arrow-up
    1
    ·
    26 days ago

    Jmp.chat

    Sign up for the service (about $5/mo), get an eSIM from them.

    The service ports all sms in/out into a Jabber/XMPP account, so anyone logged in can get it.