As your organization's super administrator, you can choose how super admins get back in to their account if they forget their password:
- Turn on account self-recovery—Super admins who added recovery options to their accounts can click the Forgot password? link on the sign-in page. They’ll get a verification code via text, phone, or email, and can follow instructions to reset their own passwords. For details, see Add recovery options to your administrator account.
- Turn off account self-recovery—Super admins who forgot their passwords must contact another super admin or Google Support to reset their password.
Note: For most current and all new customers, super admin account recovery is off by default. If you’re an existing customer with fewer than 3 super admins or 500 users, the setting is on by default, to match previous behavior.
Turn super admin account self-recovery on or off
In the Admin console, go to Menu SecurityAuthenticationAccount recovery.
- Click Super admin account recovery.
- To apply the setting to all your super admins, leave the top organizational unit selected. Otherwise, select a child organizational unit or a configuration group.
- Click Allow super admins to recover their account.
- Check or uncheck the Allow super admins to recover their account box.
- Click Save.
- Ask your super admins to set up a recovery phone number or email address for receiving password recovery instructions.
Immediately remove a super admin’s recovery information if...
- The super admin is terminated or leaves your organization. That way they can’t recover their password to access their old account.
- You suspect the account has been hijacked and the super admin’s recovery information is no longer legitimate.
To remove a super admin’s recovery information or check if it’s been hacked, sign in to the account as the super admin. Then follow steps at Set up a recovery phone number or email address.
If a super admin clicks Forgot password? on the sign-in page, and you haven't turned on super admin password recovery, they see a message to contact their administrator. Make sure you've provided a way for super admins to contact another super admin if they can't sign in to their account.