This page presents conceptual and procedural information that you, as an administrator, can use to help ensure the security and virtual safety of your users.

What Is a User

A user is a record in the application that grants access to a person who uses the application. As an account administrator, you ensure that all of your users are configured appropriately, using the administrative area of the application.

 

NOTE: The following information about user security is essential to help protect the assets in your account and prevent unauthorized access.

You should create one user per person, API process, and third-party that you integrate with. You should not allow usernames and passwords to be shared among users because it increases the likelihood that your account will be compromised.

To be most secure, you should give each user the least possible access to accomplish their tasks in the application. To set up a user with full rights to every non-administrative area (emails and templates, subscribers, tracking, and portfolios), you leave all user permissions deselected. To create an administrator, you set up the user with the Add Users to Account permission.

You cannot delete users; you can, however, disable them. Disabling a user retains the user security record in your account and preserves the integrity of data in your account associated with the user. The number of users you can add to your account is specified in your contract and does not include disabled users.

As an administrator, you can add users, modify user permissions, and disable users. You can also reset passwords when needed.

User Passwords

When you add a new user or reset a user's password, you are prompted with the user's new temporary password, which you need to communicate to the user. When the user logs in with that password, he or she is prompted to create a new password.

Upon first login, users are also prompted to provide an identifying question and answer. If a user forgets his or her password, the user can click a link on the bottom of the login screen, which allows the user to create a new password if the user responds correctly to the identity question.

What Are User Permissions

The following user permissions are available to be set when you create the user. If you are using an Enterprise 2.0 edition account, see Roles for instructions on setting user permissions.

Create/View Accounts

People with this permission can create additional accounts and view the settings for individual's accounts.

Remove Access to Templates

People with this permission have no access to templates. The user can't see the My Templates folder in the Email section of the application.

The user is still be able to create emails based on templates that other users have built.

Remove Ability to Send Emails

People with this permission can't send emails, including test emails.

The user can still create emails.

Remove Access to Modify Profile Attributes

People with this permission can't add, modify, or delete attributes.

The user still has access to the Profile Management section of the application to view attribute details.

Remove Access to Interactions

People with this permission can't see the Interactions tab in the navigation pane.

Grant the user access to the web services

People with this permission can create web service API calls for the ExactTarget system to process. If this permission is selected, their username and password will allow the application to access their account.

Administrative Data Management

People with this access can access the data retention policies for data extensions.

This permission also allows access to Manage Salesforce Data features to delete data that ExactTarget for AppExchange stores in the Salesforce database.

Add Users to Account

People with this permission can:

  • re-enter the value entered in the temporary password field.
  • manage the account settings.
  • create, view, update, and delete account users.
  • create, view, update, and delete roles.
  • manage roles for account users.
  • view reports and report activity.

In Enterprise 2.0 accounts, they can:

  • create, view, update, delete, and assign business units
  • manage roles and view users for the business unit

If this user permission is not selected, the user can't see the My Users option in the navigation pane.

View Tracking Only

People with this permission can only view tracking when they log into the ExactTarget application. They cannot access other areas or functions without a change in permissions.

Remove Access to ExactTarget from External Systems

People with this permission will not be able to access the ExactTarget application from a system outside of their network.

Remove Access to Delete Lists

People with this permission can't delete subscriber lists, groups, or publication lists.

Remove Access to 3sixty

People with this permission can't see the 3sixty link in the application interface or be able to log in to 3sixty from the URL. Account administrators with this permission selected can't allow access to 3sixty for accounts they create.

Remove Access to Lists

People with this permission can't:

  • view all subscribers list.
  • preview emails for a subscriber.
  • create, view, update, or delete groups.
  • create, view, update or delete lists.
  • create, view, update, or delete publication lists.

Remove Access to Modify Profile Attribute Values

People with this permission have read-only access rights to subscribers' attribute values.

Note: This permission's scope is limited to a user's ability to modify attributes in the subscriber Properties dialog box of the ExactTarget application interface. This limitation has the following implications:
  • this permission is not applied to users accessing your ExactTarget data through subscriber imports or API calls. A user can still modify subscribers' attribute values through imports and API calls even if this permission is turned on for the user.
  • additionally, this permission does not impact a user's ability to create subscribers. It applies only in the context of editing a subscriber's existing attribute values.

Manage Data Extension Data and Retention Policy

People with this permission can set their account's data retention policy.

General Settings

In the Admin tab under Account Settings, you see a General Settings section. The information displayed in the General Settings section apply to the user who is logged in to the application. The table below explains each field.

Field Name Description
Account Name The name that the account is assigned to.
Account ID The unique ID number associated with the account name.
Email Display Name The name that appears in the from field in an email.
Email Reply Address The email address that emails are sent from.
Portfolio Base URL The unique base directory for portfolio files.
Modified By The person who last modified your user settings.

Why Add Users

You add users to:

  • enforce security in your account.
  • provide access to relevant areas of the system to people in your company who are using it.
  • create custom interfaces (in enterprise 2.0).

How To Access Your User Security Records

To access the records defining your users' access rights, follow these steps:

  1. In the navigation pane, click Admin.
  2. Click Account Settings.
  3. Click My Users in the navigation pane.

The workspace on the right shows all the users set up in your account.

How To Add a User

To add a new user to your account, follow these steps:

  1. Click the Admin tab.
  2. Click my users
  3. Click the Create button in the My Users workspace toolbar.
    The Create a User page is displayed in the workspace.
  4. Complete the basic user information files on the Create a User page as follows:
Field Description
Name Enter the user's full name as you want it to appear in the application.
Reply Email Address

Enter the email address you want displayed when an email is sent from this user.

Note: This field is only displayed in accounts where the Multi-From Connect advanced feature is enabled.
Notification Email Address Enter the user's complete email address. The email address is used when the user requests to have results from application activities emailed to him or her. This is a required field.
Username Enter the username that the user enters when logging in to the application.
API User

Indication if this user is authorized to access the application via the API.

Note: This field is only displayed in accounts where the API feature is enabled.
Temporary Password

Enter a temporary password for this user.  The temporary password is emailed to the user (at the Notification Email Address) if the Send Password Change Confirmation Email is checked in the Security Settings.

When the user logs in, he or she is prompted to change the password and provide a security identification question and answer.

Note: The temporary password you create must adhere to the password conventions defined in the Account Security Settings.
Verify Password Re-enter the value entered in the temporary password field.
  1. In the User Permissions area of the User Properties dialog box, select the permission that determines what the user can access. See User Permissions for a complete list and description of the permissions.
  1. Click the Create User button.
    The Personal Information page is displayed in the workspace with settings for the created user.

How To Modify and Disable Users

You can change a user's access rights or the general information about a user by modifying the user's security record.

You can also disable a user so that the user cannot log in to the application. The user's security record remains in your account so that it can be reenabled.

  1. Access the My Users workspace. (See How To Access Your User Security Records.)
  2. Click the hyperlinked username in the My Users workspace to display the Settings page for that user.

If the user is disabled and grayed out in the workspace, you can still click the username to open the user's User Properties.

  1. Adjust the user's information and/or permissions as needed. If you want to disable the user, clear the Enabled box.
  2. Click Save Changes.

The next time the user logs in, your changes take effect. If you disabled the user, the user can't log in until you have reenabled the user's record.

To reinstate a disabled user, follow these steps again and check the Enabled box.

How To Reset User Passwords

To reset a password for a user, follow these steps:

  1. Access the My Users workspace. (See How To Access Your User Security Records.)
  2. Click the hyperlinked username in the My Users workspace to display the Settings page for that user.
  3. Click the Change Password hyperlink to display the Change Password page and define the following values.
Field Description
Old Password Enter the old password for the user.
New Password

Enter a new password for this user. Passwords can be no more than 30 characters.

The administrator must send the password to the user (at the Notification Email Address) in order for the user to be notified.

Note: The password you create must adhere to the password conventions defined in the Account Security Settings.
Verify New Password Re-enter the value entered in the New Password field.
Challenge Question The challenge question is displayed when a user provides the incorrect username and password combination after a pre-determined number of times.  That number is equal to the value in the Maximum Invalid Logins field in the Security Settings.
Challenge Answer Enter the valid answer to the Challenge Question described above. The challenge answer can be no more than 35 characters.
  1. Click Save.

This page was last updated by Adam Evans

If you require assistance with the ExactTarget application, please contact the Client Success Center. If you wish to send Adam direct feedback, fill out the form below:

Enter the digits 5170 backwards:
   
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Tag page
You must login to post a comment.