As your organization's administrator, you can check critical actions carried out by users on their own accounts. These actions include changes to passwords, account recovery details (telephone numbers, email addresses), and 2-Step Verification enrollment.
From the Admin console Home page, go to Reports.
- On the left, under Audit, click User Accounts.
(Optional) To customize what you review, on the right, click Manage columns , select the columns that you want to see or hide, and click Save.
Review ways to filter and export log data and create alerts.
Data you can view
Summary of the event
Account password change—Username has changed Account password
Account recovery email change—Username changed Account recovery email
Date and time the event occurred (browser default time zone).
|IP address||IP address associated with the logged action. The address can reflect the user’s physical location, a proxy server, or a Virtual Private Network (VPN) address.|
|2-step verification disable||Each time a user disables 2-Step Verification.|
|2-step verification enroll||Each time a user enrolls for 2-Step Verification.|
|Account password change||Each time a user changes an account password.|
|Account recovery email change||Each time a user changes a recovery email address.|
|Account recovery phone change||Each time a user changes an account recovery phone number.|
|Account recovery secret question/answer change||Each time a user changes an account recovery secret question and answer.|