Clear search
Close search
Google apps
Main menu

Google Apps is now G Suite. Same service, new name. More about the name change.

View user security settings and revoke access

This feature isn't available in the legacy free edition of Google Apps.

You can view the security settings for a particular user in the Google Admin console. You can also revoke access to third-party services and security keys if needed. In particular, you can:

Security settings overview

To access a user's security settings:

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in

  2. Click Users.
  3. You can now view real time status of 2-step verification enrollment by accessing the user list section.If you don't see a column labeled 2-step verification enrollment, click More Settings and choose Select columns.
  4. In the submenu select the column labeled 2-step verification enrollment and then click Apply.
    The listing on the Users page now shows whether or not each user is enrolled in 2-Step Verification.
  5. Click the user whose security settings you want to access.
  6. Click Security. You may need to click Show more to see the Security section.

2-step verification

Determine if the user has enabled 2-Step Verification at the top. You can disable 2-Step Verification by clicking Turn off 2-step verification.

If 2-Step Verification is enabled, the user's backup verification codes are also available and can be displayed by clicking Show backup verification codes. See Sign in using backup codes to help users with these codes.

Password strength

In this section, you can verify the user's password strength. See Set password strength and user password recovery for instructions on changing password requirements.

Security keys

View the security keys enrolled by the user. See Add a Security Key to your Google Account to help users with these keys.

Order a discounted security key by logging in using your G Suite account.

If you unenroll a security key, the user will not be able to use it for 2-Factor Authentication. To unenroll a key, click Revoke and then click OK. The Admin console audit log adds an entry each time you revoke a security key.

Note: The security key management feature is available only with G Suite Business or G Suite for Education.

App Passwords

Here, you can see any App Passwords created by the user. See Sign in using App Passwords to help users set them up.

If you want to remove a password, click Revoke and then click OK.

Less secure apps access

View whether or not the selected user has access to less secure applications. You can enable access to less secure applications by going to Security > Basic Settings > Less Secure Apps Access and clicking Turn on. Access is assigned by Organizational Units and Group filters rather than by users.

Authorized access

In this section, you can see the third-party services that have access to the user's G Suite account. See How authorized access works to understand how this authorization is enabled.

The column for Service identifies what applications your users have granted access to their G Suite data. The Scope of access column specifies the user data that the service can access. A user can grant full access or access to specific G Suite data.

To remove access to a service, click Revoke > OK. You can only revoke service access after it's been granted. You can't preemptively block users from granting access to certain apps. See Remove App Passwords to help users remove their own passwords.

Temporarily disable a Login Challenge

If G Suite detects that an unauthorized person is attempting to access a user's account, it presents them with a Login Challenge before granting access to the account. The user must verify their identity by entering a verification code that G Suite sent to their phone or by answering some other challenge that only the authorized user can resolve.

Click Disable Login Challenge if the authorized user can't verify their identity. The Login Challenge will be disabled for a period of 10 minutes to allow the user to sign in.

Was this article helpful?
How can we improve it?
Sign in to your account

Get account-specific help by signing in with your G Suite account email address, or learn how to get started with G Suite.