View security settings and revoke access

This feature is not available in the legacy free edition of Google Apps.

The security settings on a user profile gives you the ability to evaluate and alter that user's security settings. In particular, you may:

Security settings overview

To access the user Security settings:

  1. Sign in to the Google Admin console
  2. Find the user account.
  3. Click the row for the user account to display the user information page.
  4. Click Security. Use the following features to check and enhance the user's security settings.

2-step verification

Determine whether the user has enabled 2-step verification at the top. You may disable 2-step verification for the user by clicking Turn off 2-step verification.

If 2-step verification is enabled, the user's backup verification codes are also available and can be displayed by clicking Show backup verification codes. See Signing in using backup codes to help users with these codes.

Password strength

Examine the password strength of the user. See Password strength indicators for instructions on changing password requirements.

Application-specific passwords

View the application-specific passwords created by the user. See Signing in using application-specific passwords to help users with these passwords.

Click Revoke next to any password to remove it. Click OK in the pop-up window to confirm the removal.

Authorized access

View the third-party services that have been granted access to the user's Google account. See How authorized access works to understand how this authorization is enabled.

The column for Service identifies what applications your users have granted access to their Google Apps data. The column for Scope of access is the list of user data that an app can access, including, but not limited to, your user’s contacts, calendar, mail, or groups.

Click Revoke next to any service to remove that authorization. Note you may only revoke service access after it's been granted. You can't pre-emptively block users from granting access to certain apps. See Revoking application-specific passwords to help users remove their own passwords.

Click OK in the pop-up window to confirm the removal.

Temporarily disable Login Challenge

If we detect that an unauthorized person is attempting to access a user's account, we present them with a Login Challenge before they can sign in. We ask the user to verify their identity either by sending an SMS with a verification code to their phone or some other challenge that only the authorized user can resolve before we grant access to their account.

Click Disable Login Challenge to disable this login challenge if the authorized user cannot verify their identity.