I'm the president of a managed service provider in Canada and have been working with Google since its beta days back in 2005. Recently, as we've migrated a new customer to Google Workspace, we've encountered a frustrating issue: every account we try to log into demands an SMS verification number for initial access. This isn't just about two-factor authentication; it's the first login!
The hiccup is that Google now insists on a unique phone number for each account, and there's no way to bypass this in the admin console. We have several delegate accounts that we need to activate one by one, and we're under pressure to use either YubiKeys or Google Authenticator to protect personal phone numbers.
It's a real pain because reusing any phone number is against Google's policy, and their support has been unhelpful, suggesting I contact friends and family for numbers, which isn't professional at all. My customer is locked out and extremely frustrated, and I'm at a loss for what to do. Has anyone else faced this issue, and if so, how did you resolve it?
3 Answers
Honestly, it's a bit shocking that Google, a leader in tech, is handling this so poorly. If all else fails, have you considered using a third-party identity provider like Okta or Ping? It might be a bit of extra work, but it could streamline the process for managing user access in the future.
True, but maybe OP can negotiate with the customer on using a shared number just for setup? That way they can at least bypass the SMS issue temporarily.
It sounds like using a customer-owned number for the SMS verification could help. Coordinate with your client to decide which number to use, and in many cases, call verification might also work without relying solely on SMS. Just keep in mind that you need to have the proper legal authority to represent your customer when setting this up according to Google's terms of service.
It feels like these big tech companies are just throwing up walls lately. I heard Apple pulled something similar with iCloud accounts, requiring extra verification steps. It's frustrating when it's obvious that some users are ruining a service for everyone else.
That's a good suggestion, but isn't the SMS requirement getting in the way of doing that? It seems like you can't even set up SSO until you get past that initial verification nightmare.