BetaJoin our early access program — 1 year free for founding members.Apply Now →
8 min read

What Happens When Your Nonprofit Loses Its Super Admin

The founder left. The board rotated. Nobody knows the super admin password. This is the most common Google Workspace crisis for nonprofits — here's how to fix it and prevent it.

google-workspacenonprofitssuper-admindisaster-recovery

A new board member joins a nonprofit. They're handed IT responsibilities along with a stack of other duties nobody else wants. They log into the Google Admin Console and realize they can't reset passwords, can't change billing, can't modify domain settings. Half the console is grayed out.

They ask around. Turns out the person who set up Google Workspace left the organization two years ago. Nobody has their login credentials. Nobody even knows which email address was used for the super admin account.

This scenario plays out constantly. It's one of the most common Google Workspace crises for nonprofits, and it's almost always preventable.

How This Happens

The pattern is remarkably consistent.

Someone — usually a founder, an early board member, or a volunteer with technical skills — sets up Google Workspace for the nonprofit. They create an admin account, configure the domain, and handle the initial setup. They might use their personal email address. They might create a generic admin account and keep the password in their head.

Then life happens. Their board term ends. They move to a different city. They get busy. In some cases, they pass away. The organization continues operating, but nobody thinks to ask about admin access — because nobody knows it's a thing that needs to be transferred.

The remaining staff might have delegated admin roles. They can manage users, maybe reset passwords for regular accounts. But delegated admins can't do the things that matter most in a crisis.

What You Can't Do Without Super Admin

The gap between "admin" and "super admin" in Google Workspace is enormous. Without super admin access, you cannot:

  • Reset passwords for other admins — including other super admins
  • Change domain-level settings — DNS configuration, domain verification, primary domain changes
  • Manage billing and subscriptions — update payment methods, change plans, prevent service interruption
  • Create or modify admin roles — you can't grant yourself the access you need
  • Access security investigation tools — critical during a breach or compliance audit
  • Delete or suspend super admin accounts — the ghost account stays active indefinitely

In short, everything that matters during a crisis requires super admin. And crises are exactly when you discover you don't have it.

How to Recover — Step by Step

If you're locked out right now, don't panic. There are several paths to recovery, and at least one of them will work for most organizations.

Step 1: Check If You Already Have More Access Than You Think

Before assuming the worst, verify the current state of admin roles in your organization.

Go to admin.google.com and navigate to Account > Admin roles > Super Admin. Look at the list of accounts assigned to that role. You might discover a forgotten account — an old admin@yourdomain.org or a former staff member's account that still has super admin and hasn't been suspended.

If that account is still active on your domain, you can use the password recovery flow to regain access to it, even if nobody remembers the current password. Check the recovery email and recovery phone number associated with that account.

Step 2: Try the Admin Recovery Flow

Google provides a dedicated recovery process for exactly this situation.

Go to admin.google.com/recovery and follow the prompts. Google will ask you to verify that you own the domain — typically by adding a DNS TXT record or uploading an HTML file to your website.

This requires access to your domain registrar — wherever your organization's website domain is managed (GoDaddy, Namecheap, Cloudflare, etc.). If you can prove you control the domain, Google will grant super admin access to an account you specify.

For most nonprofits, this is the fastest path to recovery. The person who manages your website or domain registration is your key ally here.

Step 3: Contact Google Nonprofit Support

If your organization has an approved Google for Nonprofits account, you have access to dedicated support.

Go to support.google.com/nonprofits and file a support request. Explain that you've lost super admin access. Google's nonprofit support team deals with this scenario regularly — you won't be the first organization to call with this problem.

Be prepared to prove your organization's identity. Have your EIN (or equivalent tax ID), incorporation documents, and any previous correspondence with Google ready. The more documentation you can provide, the faster this goes.

Step 4: If the Super Admin Account Is a Personal Gmail

This is the hardest scenario. If the original super admin used their personal Gmail account (e.g., volunteerguy@gmail.com) instead of an account on your organization's domain, the situation is more complicated.

That personal account isn't on your domain, so you can't reset it through domain verification. Your options:

  • Contact the former admin directly. If they're reachable and cooperative, they can either transfer super admin to another account or hand over the credentials. This is the simplest fix.
  • If they're unreachable, Google support is your only path. This takes longer and requires more documentation, but Google has processes for handling it.
  • If the account was a Google Workspace account on a different domain (e.g., they used their work email from their day job), you may need that organization's cooperation as well.

This is why the single most important rule in this entire article is: never use a personal Gmail account as the primary super admin. Always use an account on your organization's domain.

How to Prevent This: The Digital Succession Plan

Recovery is possible, but prevention is easier. Here's what every nonprofit should have in place.

Always Have at Least Two Super Admins

This is non-negotiable. If one super admin disappears, the other can maintain full control. Both should be accounts on your organization's domain — not personal Gmail addresses.

Ideally, these two super admins should be people in different roles (e.g., the executive director and the board treasurer) so that a single departure doesn't eliminate all super admin access.

Use a Role-Based Admin Account

Create an account like admin@yourdomain.org or it-admin@yourdomain.org and assign it super admin. This account belongs to the organization, not to any individual. Store its credentials securely (more on that below).

This account serves as a break-glass backup. Individual staff members should have their own named accounts with appropriate admin roles for day-to-day work.

Document Credentials Securely

Super admin credentials need to be accessible to authorized people even if the current IT person is unavailable. Options:

  • A password manager shared with board officers (the president and treasurer, at minimum)
  • A sealed envelope stored in a safe deposit box or fireproof safe, updated annually
  • A dedicated section in your board's emergency procedures document referencing where credentials are stored

The key is that at least two people outside of IT know where to find these credentials.

Add Admin Access to Your Board Transition Checklist

Every time a board member rotates off, or a staff member with admin access leaves, admin access transfer should be an explicit checklist item. Not "we'll get to it" — a formal step that gets signed off before the transition is complete.

This is no different from collecting office keys or removing someone from the bank account. Digital access is organizational access.

Review Admin Roles Annually

Once a year, pull up the full list of admin roles and assignments. Ask: does every person on this list still need their level of access? Are there accounts that should have been removed? Are there gaps where a backup admin should be added?

For a detailed walkthrough of how to audit every admin role in your Google Workspace, see Who Has Admin Access? How to Audit Google Workspace Roles.

The Broader Pattern

This isn't really a technology problem. It's a process problem — and it's completely understandable.

Nonprofits run on volunteer effort and limited budgets. The person managing IT is usually doing it on top of three other jobs. Formal IT processes feel like bureaucracy that large companies need, not small organizations trying to do good work.

But the fix is genuinely simple. It doesn't require a budget or technical expertise. It requires:

  1. Two super admins on your domain (15 minutes to set up)
  2. Credentials stored where the board can access them (30 minutes)
  3. An annual check that admin access is current (1 hour per year)

That's it. Three steps that take less than two hours total, and they prevent a crisis that can take weeks to resolve.

If you're setting up Google Workspace for a nonprofit for the first time, or helping one get organized, the Google Workspace Nonprofits Admin Guide covers the full setup. And if someone is leaving your organization, the Offboarding Checklist ensures nothing gets missed — including admin access transfer.

If you'd rather catch this problem before it becomes a crisis, MonitorWorkspace shows every admin role on a single screen — who has super admin, who has delegated roles, and where the gaps are. Ten minutes to set up. The admin role map is the first thing you see. For most nonprofits, it's also the first surprise.

Ready to simplify Google Workspace management?

Free for up to 10 users. Setup in 10 minutes. No credit card required.

Join the BetaRead More Articles