As your organization's super administrator, you can let users and admins add their own password recovery details.
Before you begin
- This setting is turned on by default for all users except for Google Workspace for Education users under the age of 18, such as K12, where it is turned on only for super admins.
- Phone recovery is turned on by default for super admins. Super admins can use phone recovery even if the setting is turned off.
- The recovery information collected might be used to deal with security issues, such as problematic sign-ins and reauthentication.
- If an admin turns off the setting after a user adds their recovery information, only admins can remove those details from the user's page in the Google Admin console.
Allow users to add recovery details
Before you begin:If needed, learn how to apply the setting to a department or group .
- Sign in to your Google Admin console .
Sign in using your administrator account (does not end in @gmail.com).
- In the Admin console, go to Menu Security Authentication Account recovery.
- To apply the setting to everyone, leave the top organizational unit selected. Otherwise, select a child organizational unit or a configuration group .
- Click Recovery information.
- Click Recovery information Allow users to add a recovery <email/phone> to their account.
- Click Save. Or, you might click Overridefor an organizational unit
.
To later restore the inherited value, click Inherit (or Unset for a group).
Important: Immediately remove a user's recovery information either when they leave your organization or if their account might be hijacked.
