Add employee ID as a login challenge

Login challenges are extra security questions that help to prevent unwanted access to an account. As an administrator, you can add employee ID as an optional extra security question when we suspect that an unauthorized person is trying to access a user’s account.

Important: Google decides which extra security question is appropriate to present to a user based on multiple factors. This means we might not always ask users to confirm their employee ID, even if you have turned that login challenge on.

For more information on the login challenges Google use, see Verify a user’s identity with a login challenge.

Before you begin

To use an employee ID as a login challenge, you must first ensure that the user employee IDs are stored in your users' account attributes. You can do this in the following ways:

When you add the employee ID information to your organizational unit, let your users know where they can find their employee ID and that they might be asked for it when they sign in to their Google Account. Also let them know their employee ID must only be used in official Google sign-in pages. If they prefer to verify their identity another way, they should update their recovery phone number or email address.

Note: If you turn on SSO or 2-Step Verification for your users, the employee ID login challenge isn’t presented.

Turn the employee ID login challenge on or off

  1. Sign in to your Google Admin console.

    Sign in using your administrator account (does not end in @gmail.com).

  2. From the Admin console Home page, go to Securityand thenLogin challenges.

    To see Security on the Home page, you might have to click More controls at the bottom.

  3. Select the Use employee ID to keep my users more secure box.

    The default setting for the employee ID login challenge is: Off.


     
Was this article helpful?
How can we improve it?