Google Workspace Expands Password Reset Alerts to All Admin Roles
Google will now notify all administrators when any admin password is reset, expanding the Alert Center rule beyond super admins to improve privileged account oversight.
Google Workspace is rolling out a significant enhancement to its Alert Center, expanding the 'Super Admin password reset' alert to now cover all administrator roles within an organization. The change, announced on June 24, 2026, aims to provide broader visibility into password changes affecting privileged accounts, helping organizations detect potential compromises or unauthorized changes more quickly.
The updated alert, now called 'Admin password reset', will appear in the Alert Center dashboard within the Google Admin console. Previously, only super admin password resets triggered a notification; now any admin whose password is reset—regardless of role—will generate an alert. The notification is limited to a maximum of 25 events every two hours to prevent alert fatigue.
'This update provides admins with better visibility and control over the security of their organization's privileged accounts,' Google stated. 'Monitoring password changes for all admin roles provide a higher level of oversight to respond more quickly to potential account compromises or unauthorized changes.'
The Alert Details page for each event includes a summary of the activity, showing the email address of the affected administrator, the time of the change, and who performed the reset—either another admin or a super admin. This contextual information allows security teams to investigate suspicious password resets that could indicate lateral movement or credential theft.
No configuration changes are required from administrators; the expanded alert is enabled by default and applies automatically to all Google Workspace customers. Any custom recipient lists that were configured for the old super admin alert will carry over to the new rule. The feature is rolling out gradually over the coming weeks and will reach all tenants without the need for user intervention.
The move reflects a broader industry trend toward tightening security around privileged access, a frequent target for attackers seeking to escalate privileges within cloud environments. By extending alerts to all admin roles rather than just super admins, Google provides security teams with a more complete audit trail for investigating account takeovers or insider threats.
While the alert expansion is a defensive measure, it also highlights the growing importance of monitoring all administrative accounts—not just the highest-level ones—in cloud-based productivity suites like Google Workspace. Organizations that rely on delegating admin responsibilities across multiple roles can now better track changes that might otherwise go unnoticed until a breach is already underway.