Google Cloud Identity users have the option to self-serve their account security settings on the Workspace Admin console. All users should be able to set up 2-step verification (2SV), view their login history, look at their registered devices, and look at their active sessions.
Besides these end-user settings, administrators can also mandate certain security settings for users or manage sessions, cookies, and password settings. Administrators have the power to do the following:
- Reset a user's password.
- Reset a user's session/cookies, forcing the user to log in again.
- Check on the user's 2SV enrollment.
- Revoke access to any third-party applications. Irrepsective of whether access is granted directly with the user's Cloud Identity or through an application-specific password, both can be managed by the Administrator.
Next, let's look at how Google strives to keep users secure via password monitoring.