I have been a Google Apps user for many years. I like the services it provides, I like having my domain’s e-mail within the Gmail interface – it is just convenient. I know there are possibly billions of users of Google’s services, not just Gmail – Youtube, of course, sees billions of views as well.
However, I ran into a problem yesterday which is the first of its kind for me and I thought it may help those of you who have Google Accounts and travel (probably a fair number of people!). It cost me all of my e-mails over the past 40 hours (so, if you had e-mailed me during that time, please try again as I never received it) and took some time and headaches to get the problem fixed.
A Word Of Caution For All Google Apps’ Users Who Travel
I am not sure why this happened to me all of a sudden because my habits did not change at all but yesterday when logging into Google Analytics, I was told my account had been suspended because of suspicious activity. Apparently, the problem was the use of my VPN while logging into Gmail and Google Analytics.
The Suspicious Activity
That is a problem! I, like many others, use a VPN while traveling for many different things. In some situations, I need a VPN since I am out of the US and need to operate it from within the US. For others, they need to access work networks and a host of other situations (like accessing Netflix while abroad, for those that do that).
Having the VPN on and off while using Google’s services apparently now signal suspicious activity and your account could be suspended/disabled. This is even though I have been doing this for years!
Fixing The Problem
Setup A Subdomain And CNAME
– Google’s Link For The Problem
To unlock it, I had to sign in to the service that hosts my runningwithmiles.com domain, create a subdomain, setup a CNAME profile and enter a token from Google that would redirect the subdomain to Google and verify my authority over the domain.
The helpful part is that Google does give you information on how to do this step-by-step according to your domain service.
The Terrible Waiting
And then the worst part – wait. Google said it could take up to 72 hours for them to verify and send me an unlock e-mail to a separate e-mail domain. The problem is that I could not wait. I had been expecting some important replies and e-mails over the past 24 hours and could not wait over the weekend for this to resolve. So, time to call them! Except…you cannot call their support line without a PIN code you get from inside your Google Apps dashboard (which I could not access)! I know, a problem.
That can be avoided by logging in with another user from the domain but that is the only e-mail account I have tied to that particular Google Apps account as I did not have a reason to add an additional one for $50 per year. So, the only other possibility was to fill out a lengthy form with all of this information that included things like the date I joined Google Apps and many, many other questions – and then wait up to 7 days! Another problem arose when I went to get that information – and remembered that it was in my Google Docs account so also unaccessible! 🙁
Fast Forwarding The Process Myself
Finally, I went ahead and logged into a separate Google Apps domain account and got a PIN and called it in. When the rep answered, I told him about my problem and he very nicely switched domains to help me out with the problem. I got my unlock e-mail (which came from Google to a Google e-mail and somehow Google thought it was spam!) and was good to go! Everything unlocked and password changed.
No E-Mails – AT ALL!
But, when I logged in, I found that I did not have any e-mails since the problem started 40 hours ago. The rep said that when the account gets locked, it gets suspended and bounces all e-mails back. If the original e-mail was sent from a Google server, it will keep trying and I should eventually get them but all of the other hundreds of e-mails per day that I received are just gone and senders told my account was suspended! How is that for business?!
So, I am not a happy camper. The rep said I can avoid this by doing a two-step authentication process which involves receiving a text message everytime I choose to login (not a good solution for me) or to use Google Authenticator with the two-step authentication. I will have to check these out or pay for an additional user on that domain as I cannot afford to have this happen again.
Summary
So, what is the takeaway from this? Obviously, if you use Google’s services (especially Google Apps), be careful about signing in to them while utilizing a VPN unless the VPN is on all the time. If you do like I do, you should have another e-mail address within the domain to be able to unlock it quicker.
But, also be on the alert if you are traveling a lot and bouncing around different cities and countries. During my 6 marathon run/6 continent trip, I did receive some warning e-mails from services I use that they had detected unusual/suspicious activity with my logins because I had signed-in from 9 different cities in 4 days. Fortunately, they did not lock me out then!
Have you experienced this problem before? What is your solution to avoiding it?
I am really surprised that you did not have 2 Factor Authentication turned on especially when you travel as much as you do and clearly understand the need for security. Indeed I supposed you need to think yourself lucky that this post wasn’t a story about how somebody broke into your online accounts and stole your identity.
I suspect that it was not just that your were using a VPN service but was that you were using a VPN service that is often used by people to conceal their identity or location (you did say you used it to access Netflix when traveling).
Your post is a good lesson for all but sounds like it could have been avoided.
I am guessing now that you have had time to review, that you now have 2 factor authentication enabled on every account you have (not just Google Apps)
I do have it setup now. You are right – I should have done it before but kept getting frustrated by other companies and their 2-step authentication and how it never saved to a computer. Every single login, it would require extra security steps (not with Google) and slowed things down all the time. These providers said they knew it was a little glitch (sometimes locking me out of my accounts for no reason if with 2-step activated and kept me locked out for a couple of hours) but it still was annoying to have to deal with. Now, I am ok with all of them again!
To be clear, I wasn’t saying that I use my VPN for Netflix but that some people use them for that.
Facebook is blocked at my workplace. I’m using arcvpn to bypass the block! 🙂
I’ve bookmark this post.. Thanks for sharing this……