Add employee ID as a login challenge

As an administrator, you can now choose to use the employee IDs of your users as an extra login challenge that you can turn on or off.

Important: Google decides which challenge is appropriate to present to a user based on multiple security factors. This means the employee ID login challenge might not always be presented to a specific user, even if you have turned it on.

For more information on the login challenges Google use, see Verify a user’s identity with a login challenge.

Before you begin

To use the employee ID login challenge in your organization, you must first ensure that the user employee IDs are stored in your users' account attributes. You can do this in the following ways:

When you add the employee ID information to your organizational unit, let your users know where they can find their employee ID and that they might be asked for it when they sign in to their Google Account. Also let them know their employee ID must only be used in official Google sign-in pages. If they prefer to verify their identity another way, they should update their recovery phone number or email address.

Note: If you turn on SSO or 2-Step Verification for your users, the employee ID login challenge isn’t presented.

Turn the employee ID login challenge on or off

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Securityand thenLogin challenges.

    To see Security on the Home page, you might have to click More controls at the bottom.

  3. Select the Use employee ID to keep my users more secure box.

    The default setting for the employee ID login challenge is: Off.


     
Was this article helpful?
How can we improve it?