12
Nov
Nov
*note, I’m completely joking*
I have beef with Adwords. Not grass fed beef which is dang good. But beef that I could possibly give the wrong person access to my account! Right now, when I grant someone access to my account/MCC I have to get to do this:
- Navigate to the Account Access tab
- Click on +Users
- Type their email in
- Type their name in
- Choose the Access level
- Send them the invite… Then they are in, right? Nope. Luckily I
have toget to do more… - BONUS – Wait for them to accept
- BONUS – If I take Google’s advice I should contact this person via phone or face-to-face and confirm he or she accepted the invite.
- BONUS – Then and only then should I grant this person access.
Seriously Adwords??? I have to grant access to the access I already gave out, ONLY ONCE? There needs to be better security on Adwords accounts than this. This isn’t my bank account (which only has a simple login) this is for PPC! There needs to be more granting of access. Utah PPC companies should unite!
Proposed Granting of Access (SRSLY?)
Here’s what I propose for granting access to accounts:
- Send the user an invite to the account (current)
- User accepts invite to account (current)
- Grant access to invited user (current)
- User confirms granted access (NEW)
- Confirm the users confirmation of granted access (NEW)
- User approves confirmation of confirmation of granted access (NEW)
- Enter a CAPTCHA code to finalize the approval of confirmation of confirmation of granted access (NEW)
We’ll title this the Security Redundancy Special Loop Yield or SRSYL? for short. This will help take false accesses from 0 down to 0. Or maybe lower because the process has too many steps! But hey, we’re ok with that as long as the account is protected.
Don’t Stop There
In all my time of managing accounts you know how many times I’ve heard of people being hacked? Zero times! You know what that means? Our guard is down and we need more security. What could we do? More Captchas! We don’t want robots getting into our accounts so what if we did something like this:
Call Me Maybe?
But if security is really important to Adwords then they won’t stop at SRSLY? and Multiple Captchas… they need our number! I mean, everyone else is doing it so just grab our number for securities sake.
The best way to do get our number? Have us confirm it with another phone number!
*note, I do actually appreciate that my accounts have never been hacked*
🙂
The sites are at risk of being violated, this is not good at all, I think it would be better if we had more sense.