This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ Log in to ask a question

Password Recovery?

jasoncrcsd
Contributor II

‎03-05-2025 06:05 AM

I've been asked if we can enable some way of staff resetting their own passwords if they have forgotten them vs them calling in. You know like most other systems they can setup recover questions or etc. I found a setting under Security/Account recovery but it shows ON. But for an account in that OU if I hit forgot password it says "Contact your domain admin for help" So its not working as far as it reads.

Topics:
0 Kudos
Reply
4 REPLIES 4

alexgrutza
Contributor III

‎03-05-2025 06:12 AM

There is a setting somewhere in Security I think that you can set this up by using their employee id for example. I believe employeeid has to be synced to Google, and is potentially viewable by users in the global directory which is why we don't sync that. But there is that option for them to provide their employee id to unlock or reset their account

--
CISSP | LinkedIn | @Phyxiis
0 Kudos
Reply

jasoncrcsd
Contributor II
In response to alexgrutza

‎03-05-2025 06:17 AM

We are syncing their Emp# but it seems only viewable to the user themselves. I don't see how we can elt the user use any of this. On a chromebook if I hit forgot password the user doesn't even have the option.

0 Kudos
Reply

alexgrutza
Contributor III
In response to jasoncrcsd

‎03-05-2025 06:23 AM

Sorry I was confusing the login-challenge with what you're asking about sorry!

--
CISSP | LinkedIn | @Phyxiis
Reply

NielsBrockmeier
Contributor

‎03-05-2025 07:00 AM

There are quite a few extra steps needed for that to work. Just turning that on doesn't let them recover their password.
(Taken from https://support.google.com/a/answer/33382?fl=1&sjid=2812423999389759455-NA)

  • "Before you begin: Users need a recovery phone number or email address where they can get recovery instructions"
  • "Important: Users who have 2-Step Verification enabled can use only a recovery email address to reset their password."
  • "Users who haven't added recovery information are directed to contact an administrator."

So they either need to set their own recovery email, OR, if you have their personal email in an HRM system you might be able to sync this to the directory as a recovery email and let people recover their own password.

0 Kudos
Reply
  • © 2023 Google. All rights reserved.
  • Privacy Policy
  • Terms of Service
  • Community Guidelines