Sometimes, employees leave a company without sharing usernames and passwords for the online marketing accounts that they set up. This became more prevalent with the Great Resignation.
Marketing-related accounts include:
- Email marketing & marketing automation systems (MailChimp, Constant Contact, ActiveCampaign)
- Websites (WordPress, Wix, Squarespace)
- Social media accounts (X, Instagram, Pinterest)
- Google accounts (My Business, Analytics, Ads, Search Console, YouTube)
These types of accounts can be particularly problematic because the setup of online marketing-related accounts often happens outside the IT department’s oversight. It’s a form of Shadow IT.
And what if the company did not have a policy of keeping all business account usernames and passwords in a company-controlled password manager?
The issues described below can also apply when a marketing contractor or agency sets up online account access using their domain or a personal email address.
We’ve heard horror stories about a relationship with a marketing agency ending—and marketing account access ending along with the relationship.
When Recovering Account Access Can Be Easy
Not having account passwords isn’t a major problem if the username (usually an email address) for the online accounts is the former employee’s business email address.
In this case, when that person leaves the company, all you have to do is:
1. Ask your email system administrator to reset the password for the email account and send you the new password.
2. Request a password reset from the online vendor.
The password reset instructions will arrive in an inbox that you have access to.
But what if the employee left without sharing the username for one or more online accounts?
When Recovering Account Access Is Difficult (or Impossible)
When there’s no available username for an online account, there is no way to request a password reset from a vendor’s login screen.
Sometimes, you can successfully plead your case with the online vendor’s customer service department.
In other cases, access to that account can never be recovered without the cooperation of the former employee.
Lack of cooperation can mean orphaned online accounts.
Orphaning is most common for Google accounts. A former employee’s consumer Gmail account may have been used for Google business services such as:
- Google My Business
- Google Analytics
- Google Ads
- Google Search Console
- YouTube
There are about 1.8 billion active consumer Gmail accounts, so good luck starting up a dialog with Google customer service about getting access to these.
How to Avoid Losing Access to Marketing Accounts
How do you avoid losing access to Google and other online accounts?
1. Never allow an employee to use their personal email address—Gmail or otherwise—to set up access to an online marketing account that will be used by your business.
2. Do not allow a marketing contractor or agency to control online account access using one of their domain email addresses.
3. Don’t use consumer Gmail for business account access.
When Consumer Gmail is Used For Access to Google Accounts
When a company is not using Google Workspace, a consumer Gmail account is often the default way to access Google accounts such as Google My Business and YouTube.
If this is done, the Gmail account should be controlled by the business, not the employee. The recovery information (mobile number, secondary email) should be that of a business owner.
However, if an employee is using this Gmail account, nothing can stop the employee from altering the recovery information. Therefore, it’s better to use one of the following approaches.
Best Practices For Google Workspace Customers
If your company uses Google Workspace, you do not need a personal Gmail account for any of the above-listed Google Services.
Instead, you can set up a generic Google Workspace account, such as marketing@yourcompany.com.
Your Google Workspace administrator will manage this account. The address is known. If the password is lost, the administrator can easily reset it. The business owns the account, not the employee.
Best Practices For Microsoft Office 365 Customers
When a business uses Office 365 (or any non-Google Workspace email), a marketing@yourcompany.com can still be set up.
In this case, a Google account without Gmail can be created. When you set up a Google account for marketing purposes, Select the “Use my current email address instead” option and enter your marketing@yourcompany.com address.
If an employee leaves, your Office 365 administrator can reset the email account password.
With the right practices, much time can be saved, and inconvenience can be avoided.
