G Suite Doesn't Let You Contact Support Until Logged In. Locked Out = Stuck
Google have locked me out with the following message:
"We detected an unusual sign-in attempt. To make sure that someone else isn't trying to access your account, your organization needs you to sign in using your corporate mobile device (the phone or tablet you normally use to access your corporate account).
If you don’t have your corporate mobile device with you right now, try again later when you have your corporate mobile device with you. If you continue to have problems signing in, contact your administrator. Learn more
Go back & use your corporate mobile device"
I am unable to get back in:
* Google support doesn't work if you are logged out
* I have no primary mobile or corporate device to complete the above step on.
What does Google expect customers to do here?
137 comments
[ 3.4 ms ] story [ 33.4 ms ] threadI cancelled my account and was still billed for it, but now there's no way to contact support since I don't have an active billing account.
Then you're in luck, because Fastmail's $5/month option has twice as much storage as you're using: $30GB.
Just don't try to use that card number to sign up for any other Google product.
On the other hand, that charge might just be the outstanding balance when you cancelled, so it might be legit.
Chargebacks seem to be appropriate when you truly no longer want to do any future business at all with a particular company - it might not be limited to just "G suite" or "GCP", or "AWS" or "Amazon", but the whole conglomeration.
Obviously YMMV, I'm sure people have had divergent experiences with this. I've always personally been able to get things resolved eventually through chat/email/phone, but I trust that not everyone has the same luck I do.
Was I willing to cut off the New York Times like this when all other means of canceling my subscription failed? Sure! Result: powerful, but not in need of breaking up.
Would I be willing to do this with YouTube, for fear of what it might do to my Gmail account, a service that is seemingly completely unrelated? Good God no, which is one reason I never signed up for a subscription. Result: absolutely needs to be broken up.
In my country (France) you can call your bank, declare that a fraud is going on and it then becomes their problem.
They will usually issue you a new card and call it a day.
Being able to at least email google support would resolve this.
I was referring to the fact that you are being defrauded, which I understood as "being defrauded and loosing money".
I use GSuite since 2004 and the more I read about support the more scared I am. Good luck.
I had a problem with a [very well known US-based bank] credit card where a re-curring monthly charge that I wanted stopped.. wouldn't be stopped by the bank because I had authorized the recurring charge at the outset.
Bank told me to contact the entity charging me, and when I said I couldn't reach them (which was true) and they didn't respond via their support channels, bank said I was SOL.
When I said I no longer authorized these charges, bank said I was SOL.
For a $10/monthly recurring charge, the bank wouldn't help me. So I used the same call to close all my bank accounts & credit card and moved my savings account funds to another bank account.
Bank still wouldn't do anything about that recurring charge.
It is then up to you and the entity which wants to charge you to settle the case, but the bank will not issue the money.
This is why you always set up backup codes. The 2FA is doing its job here keeping the account safe from someone who doesn't have the token, which unfortunately is the account holder.
For reference, I have no 2FA, nor did I lose my corporate device. I've always accessed it through a web browser, never through a mobile, therefore when it asks me to verify with my corporate mobile device, I do not know what device it is referring to.
What options do they have now, if they abruptly stopped using that phone number for some reason 10 years ago and had no realistic way to know which 275 utilities were hitched to the number (or even if they did, couldn't contact support for reasons described in the article), for example:
- because they couldn't afford to pay the bills for a while
- or moved country
- or changed contract and then found they couldn't port the number (happened to me) and lost the old number
- or someone took their phone and they were unable in practice to recover the number or continue using it
- or they were ill in hospital for long enough their phone contract expired and they could not have dealt with transfer issues at the time
Also at a loss.
Reading that comment thread makes it look like (a) "primary mobile or corporate device" just means "the last device you signed in on", not like a special device, and (b) maybe it's a problem when you don't have two-factor authentication enabled?
When you do get back in my advice is to enable multiple 2FA factors as that seems to streamline the account recovery case.
When I switched providers and phone at the same time I used my billing address as well as my CC to confirm my change in billing address.
Ensuring I can proof who I am is my responsibility.
You can try and shift the responsibility but why would they be responsible for your shit?
They've been sitting on the ask for about 7 years
https://forums.aws.amazon.com/thread.jspa?threadID=137055
[1] https://www.token2.com/shop/category/programmable-tokens
[2] https://www.protectimus.com/protectimus-slim-mini
This had become somewhat of the standard for 2FA in recent years.
Also, you may want to enable Account Self-Recovery if it's not practical to have more than 1 admin user. [1]
[0] https://support.google.com/a/answer/9011373?hl=en&ref_topic=...
[1] https://support.google.com/a/answer/9436964
Rely on them at your peril. They have slick products as long as they work but good luck if something goes sideways.
(Although the $150/month option was also very good when I used it.)
This is a pretty accurate representation of how people felt about the phone company back then. Being able to easily talk to people all over the world was amazing and the technology was appreciated. However, still prior to the mandatory breakup in the early 1980s, customer service was often a bit of a joke.
with this revalation I won't be renewing
https://support.google.com/a/answer/6335621
https://support.google.com/a/contact/admin_no_access
To the OP ( 'HelloThur ), this is the answer to your most immediate question. I found it here: https://news.ycombinator.com/item?id=17120223
> Greetings. This is Alex Diacre here from G Suite Support. This has been flagged for my team and we’re looking into it. If any G Suite customer has trouble accessing their account they can always contact Google Cloud Support here: https://support.google.com/a/contact/admin_no_access (this is a special form to use when you cannot access any admin account)
Source: worked on the G Suite Support team for several years.
Google offered no such remedy in the reply detailing his options.
And various forms of "googling" for where to go aren't super helpful.
As much as I enjoy bashing Google, I have to admit that Google is far from the only offender in this. I've seen it a number of time.
Even Saint Digital Ocean has a similar problem. If you're not logged in, the only ticket you can submit is that you can't log in.
I ran into this recently because it turns out that that DO's help system UI is completely borked in Safari. Type in a topic and click one of the suggestions, and instead of taking you to that topic, if just closes the suggestion list.
The suggestions list has a bunch of carriage return icons, suggesting that you can keyboard through it, but that doesn't work, either. And the system doesn't work on a MacBook Air because it can't deal with anything but massive monitors.
At the bottom of the suggestion list is the suggestion to submit a trouble ticket. But that doesn't work, either.
But what do I expect for $5/month? The last actual Digital Ocean support ticket I put in (a couple of years ago, when the system worked) came back with a very polite reply to the effect of, "You get what you pay for."
No way to make progress. Can't use support if you don't have an account. Tried making a separate account, so I could at least open tickets. Their ticketing system keeps closing my tickets before the issue is resolved, and it closes them as "resolved". The worst part is that I actually have both the correct username and password for the account, and I have admin access over every single domain associated with that account (via namecheap). Should be easy to prove that I'm the authentic owner of this account.
Happily using Route53 now. Still haven't figured out how to turn off the CloudFlare billing.
So many worthless canceragenic corporate behemoth are hating this and the only thing they can retaliate it is with the "ban". Lol. Blow me.
That said - sometimes it's better to swallow the occasional bad service vs. filing chargeback. For example if Uber "adjusts" your past trip for a couple bucks not in your favor - it maybe better to just absorb this, otherwise filing chargeback because of $8 will get you inconveniently banned.
Then again, if there were emails I've not been getting from them, I would be none the wiser.
I wouldn't be surprised if many people do username+cloudflare@gmail.com, so excluding it outright would be really silly.
if you provide identity services to more than 100k people or w/e, you need to have a defined dispute process, served by humans with the power to do shit, with legal recourse in the event that they fail to do so. the "run a flag up the pole on social media, hope you're important enough or friends with the right set of people if you want shit done" approach is terrible.
the inevitable "but that will be vulnerable to fraudsters" backlash is stupid--the existing systems are too; fraud prevention and such isn't something you can ever do perfectly, since it's inherently adversarial. the problem we have now is that EVERYONE is treated as if they're a mastermind professional fraud network from the outset, and this does seemingly little to prevent actual bad actors. Twitter's trust and safety team is an even more egregious example, where they very effectively and immediately suspended my attempt to create a single parody account, immediately suspended it again after unsuspending it, and said any future attempts to reach them would be blackholed because the first unsuspend request was still open (there's, of course, no way to see that ticket or respond to it--all you get are email notifications stating that the reply-to discards all inbound mail). this, of course, does seemingly nothing to deal with actual bot networks, since those are run by sophisticated actors who've figured out how to game the system.
something like Estonia's digital ID system is perhaps best, with, importantly, built-in protection against tracking: I should be able to generate an ID that a company can verify, but all they should be able to glean from that is that I have an ID and that I've authorized X other IDs for that company--it shouldn't be something that's traceable back to who I actually am or trace my actions across companies, which is very much not the case (and is something companies very obviously take advantage of for adtech purposes) for the de facto standard of using mobile phone numbers.
$50 could be steep for many and trivial for others, but that's a different discussion.
Customers shouldn't be billed to fix mistakes that aren't their fault. In a functioning market, money is supposed to flow away from faults, not towards them.
Currently because the volume of bogus support requests is so enourmously high, and the fraud attempts also very high - the cost to properly do something like handle account lockout requests properly (on the scale of billions of users) would be EXTREMELY high.
Google is actually pretty clear for consumer accounts, if you lock yourself out your content is lost and they suggest setting up a new account.
Cell phone companies do handle this, you can do things like sim swaps etc with a real person - but you are usually paying $50 - $100 per MONTH with them. And even there plenty of folks have complained of having 2FA codes stolen as a result of this convenience.
If they could charge $50 or $100 to provide paid support (a situation that is actually very COMMON at the enterprise level) for at least some people this will be worth doing. Then the business case is there to staff / resource etc the fix.
Currently, with youtube / gmail etc, the revenue per user is so low it will NEVER make economic sense to have humans dealing with an account.
But keep on banning paid support and you'll keep on getting no support.
Google made over $6 billion in profit in one quarter this year. YouTube had revenue over $5 billion in one quarter. They announced a $25 billion stock buyback.
Google doesn't offer support because they choose not to.
Back of the napkin math - * Lets say on average customers contact Google support once a year for each product they use. That's 0.25 tickets per user per quarter. * Consider Google has ~10billion monthly productuser combinations (9 products have 1B+, most have significantly more) That is 2.5M tickets/support requests a quarter. ~28M tickets a day * If we consider an average ticket take ~3 mins to resolve, thats ~155k hours a day * If we take an employee being productive for 7 hours a day, that's 22k employees * If you take a 1:10 ratio, that is 2205,220 and 22 - 1st, 2nd and 3rd line managers. * Take the cost to be an average of 30k,60k,150k and 300k for each of those layers, thats ($661, $132M, $33M, $6.6M) which totals to ~$833M per quarter * The real world costs for this will probably be anywhere between 2X to 3X of this because all of these people come with other costs like infrastructure, tooling, space, etc. So we are looking at ~$1.7B to $2.5B.
One might be tempted to say that money can be saved vs my estimates but keep in mind the challenges of localization, time zones, compliance etc is also significant and will probably mean an even larger expense.
So yeah, it would be ~40% of the quarterly profit.
Sure this is an expense so tax etc can be changed but my argument would be that we are severely underestimating the complexity and challenge at each step.
So yes, I do think it will never make economic sense unless you are on the platform with sufficiently high spend. Just like every single other economic system we have out there.
That aside, the business model has established that you can get great service if you spend $xM+ or $xxM+ per month (whatever the number is) - its just that we expect the same for a much lower cost.
Hmmm. Could have sworn Google promotes itself as being "best in class" at solving complex problems. ;)
In it's position as a utility, some people have (perhaps unwisely) managed to lock themselves out of a (critical) personal account.
With the corresponding problems that then occur when any other utility stops working.
The suggestion to allow people to pay for support in some situations - eg like those locked out of a critical personal account - would be one approach to solve the problem.
Because at the moment, these people have no recourse. :(
Which when it happens with any other utility, becomes a legal problem. eg Customer contacts relevant Ombudsman / gov oversight body to get it rectified
Another way to look at it is as just the cost to make that remaining profit, and that the cost has been externalized so far.
If people had utterly insisted on decent customer support from day one, companies like Google would have found a way to grow as big as they can while still providing support.
For Google, as a company that has recorded a yearly net profit of over $35 billion, this is chump change. The fact that they could afford to offer some customer service regarding such a critical issue as restoring access to lost accounts, yet choose not to, smacks of corporate entitlement.
It is unacceptable for service providers to damage peoples' livelihoods because the account in question is free or is used by a small business that doesn't spend >10k$ a month.
It is not reasonable to demand that customers pay $50 a month to protect themselves against capricious account closures. That is merely another way of a service provider saying 'nice email account you've got there, it would be a shame if something happened to it.' That's called extortion or even racketeering.
Alphabet's net profit for 2019 was $34 billion USD. The can afford to treat their customers financial interests with respect, and if Alphabet won't do that voluntarily, then it's time for governments to force them to.
What if they lock you out? You make it sound like it's some transparent and easy to understand process based on publicly available rules, and it's just user violating some obvious documented rule, therefore locking himself out.
But maybe you just travel to africa for the first time, and they just decide that now you can't login, because "suspicious activity". Bye.
If they wish to reduce support costs, one other way is to make the service better and more predictable. Maybe add a checkbox to opt out out of this "you're too stupid to keep your credentials safe" banning system, or something like that.
Instead forcing companies to provide a free human based support channel for billing- and authentication issues related to paid services is a better option.
I believe it would take most companies very short time to invent working solutions to problems.
If they keep my $50 and I still think they're wrong, an appeal process is available, etc.
Sort of an insurance, for getting help if locked out
The problem is, I don't have an account. I don't even live in an area where I could have an account. I've contacted them multiple times and they cannot find my email address in their system. They've escalated it, had engineering teams look into it, etc. Nobody knows how/why I'm getting emails.
If I was in a bad mood, I'd report them to the FTC -- the fines of $16k per email would be an enormous amount by now since this has been happening for 8 years.
But, I mention it because some of us here create system that send emails and we need to remember to always create a way for the user to self delete or at least some kind of audit system for finding that email address in a system later.
Oh ya, for about a year I've been getting someone's electricity bill from India too. Again, there's no way to unsubscribe, and worse I don't speak the language so my attempts to contact them have made no progress. Thankfully, it's easy to create email rules to dump these emails before I even see them.
0: https://support.google.com/a/answer/60216?hl=en
I think the first step Google should take before DNS/web server verification is to verify the email address used for the setup.
eg: Register likely target business domains for G Suite, O365, etc trials to lock them out.
Then blackmail/bribe/whatever the legit owner if they want access.
Doesn't sound like there'd be any workaround either, at least for the first few years. :(
Maybe the "Police contacting Google/MS" which would eventually happen could get it stopped at some point.
In fact you were likely logged out in the first place due to policies set by your organization.
Learn to embrace the pain.
He tried to fill in the form on his Android phone to get the decision reviewed, but when he hit submit it just showed an error.
He persevered, and after approximately half a year the form worked and he got access to his account again this summer!
It's a travesty that normal people have no way to get a fair treatment by the FAANGs when it comes to support. I hope some consumer ombudsman could put a stop to this
I love Google's rational of locking people out.
I have pop3/imap access to an old secondary gmail account, but whenever I try to log in by the browser, it locks me out and asks me to confirm who I am by adding a phone number.
I never associated a phone number with the account and have no plans to do so. If somebody did get the password, they would be forced to add a phone number they are in control of if they wanted to take it over.
So what was the point of that? Other than compelling thieves to enable and setup 2FA on gmail accounts on old accounts without 2FA that they've gained access to, almost certainly ensuring the owner never gets it back if they ever decide to check their legacy account again.
If you add your phone number, fine, as long as you still have access to it. But say you add a backup email. Now if you lose access to either your phone number or your backup email, you can never recover your account.
When I realized how this worked, I thought it was nuts. But it is.
Somebody must have used my domain to sign up for a Microsoft Teams something for some reason and NOBODY in my company can find out who or how. Microsoft is absolutely unhelpful in this regard, trying to activate our domain for Office Teams or whatever. Microsoft says it's for "security" reasons; but as CIO of a 50+ person org I should have some override on that in the event of erroneous signups.
I don't even need to access old content because none of us has used the service at all. Just delete the old domain. For all I know it was a troll signup.
I've since just forced my team to use Google Docs/Sheets because Microsoft is being so unhelpful that they won't even let us give them money, lol.
I kinda wish you could do like google analytics makes you do to validate your URL (add a DNS record)
Support should've been able to remove it, I know I was able to do it on escalation cases when I was on Fast Track.
I know that the "ambassadors" are really next to worthless, and if you do not have premier or a TAM on your account, you are really SOL on O365/M365/Microsoft products, you need to email the ambassadors managers, continually, and then go up the ladder, if needbe, to the product manager of that support team and just keep doing it.
It really sucks.
But the reason you couldn't add your domain is 99% most likely someone added and verified it. There are tools on the backend (most easiest Viewpoint) and then billing (CMAT) that can verify if domain is added.
It's still not well supported for "external" takeover but it's disappointing that your support queue didn't point you to the docs on this. Per below though, if someone made it "managed" through DNS verification, yeah, that's hard.
Keywords to search in this scenario "viral admin takeover AAD"
Update:
Here is my thread on Google Community Help if it helps you or anyone else - https://support.google.com/a/thread/60347634?hl=en&dark=1