Secure a Compromised Administrator Link

Keeping your administrator link secure is very important, as it gives full access to all of your sub-calendars, events, and calendar settings.

Mistakes happen! If your administrator link has been compromised, here’s how to handle it:

  • If an employee with access to an administrator link has left your organization, follow these steps.
  • If you have lost your administrator link, follow these steps.
  • If you have accidentally shared your administrator link (with an individual, a small group, or even publicly), you’ll want to take a slightly different approach.

To secure an administrator link which has been shared with unauthorized individuals, the best option is to take these two steps:

  1. Create a new administrator link, then
  2. Change the permission on the old (compromised) administrator link.

Note: if you already have more than one administrator link, you can skip Step 1 and go directly to Step 2, changing the permission on the compromised administrator link. Instead of opening your calendar with a “NEW ADMIN” link, simply open it with your other administrator link which has not been compromised.

Step 1: Create a new administrator link

Before you can remove the administrator privileges from the compromised admin link, you need to create a new administrator link:

  • Open your calendar with the current (compromised) admin link.
  • Go to Settings > Sharing.
  • Click the blue New button to create a new link.
  • Check the box to give the new link administrator privileges.
  • Be sure to name the link something memorable to indicate that it is the NEW ADMIN link. For example, “NEW ADMIN LINK.” 😉
  • Click Save, and proceed to step 2!
Create a new administrator link.

Step 2: Change the permission on the compromised link.

If you have accidentally shared the admin link with a large group of people, you can change the permission on the link to something appropriate for the group. That way, you do not have to send a new link to the group; they can continue using the same link, but it will no longer have admin privileges, so it will no longer be a security issue.

  • Open your calendar with the NEW ADMIN link.
  • Go to Settings > Sharing.
  • Find the old, compromised administrator link.
  • Click the Edit icon.
  • Uncheck the box for Administration.
  • Rename the link something that describes its new use.
Uncheck the box for “Administration” and rename the compromised link.
  • Scroll down to select the calendars and set the permissions to include in this link. THIS IS VERY IMPORTANT. If you do not adjust the calendars and permissions, this link will still have Modify permission for All sub-calendars.
  • Choose All sub-calendars or Selected sub-calendars.
  • Set the access permission level appropriately for each sub-calendar included (or globally, if including all sub-calendars). Make sure it is a permission that is appropriate for the group who now will be using this link.
  • Click the green Save button.
Choose which sub-calendars to include and ADJUST THE PERMISSION LEVEL appropriately. Then click Save.

You can enable password protection for the new admin link; that way, if it is accidentally shared, it will still be unusable without the password.

Learn more: