If you manage Google Ads accounts, whether for one brand or hundreds, the past year should have rattled you. A surge of sophisticated phishing attacks let scammers take over full Google Ads Manager accounts (MCCs), giving them instant access to hundreds of client accounts and the power to burn through tens of thousands of dollars in hours.
One agency owner, Craig Skalko, posted on LinkedIn that his company's entire MCC was hijacked at 12:30 a.m., and he had two-factor authentication enabled.
The scope of the problem is staggering. Google suspended over 200% more advertiser accounts in 2024 than in 2023: 39.2 million versus 12.7 million.
One firm lost access to over 1,000 Ads sub-accounts. And Google's response times left many victims waiting weeks for resolution while money drained from their accounts.
In February 2026, Google shipped a direct answer to this crisis: multi-party approval (MPA). MPA is a security feature for Google Ads designed to protect your account from unauthorized activity by requiring a second account administrator to verify sensitive changes. It won't solve every security problem. But for account managers who understand what it does and what it doesn't, it fundamentally changes the calculus for attackers.
Why Google Built Multi-Party Approval Now
The timing was not coincidental. The introduction of multi-party approval directly responds to an alarming surge in Google Ads account hijackings that escalated dramatically throughout 2025. Security researchers at Malwarebytes documented what they called "the great Google Ads heist" in January 2025, identifying sophisticated phishing campaigns that targeted advertisers through fake Google Ads displayed in Google Search results.
These weren't amateur operations. The scheme consisted of stealing as many advertiser accounts as possible by impersonating Google Ads and redirecting victims to fake login pages. Researchers believe the goal was to resell those accounts on blackhat forums, while also keeping some to perpetuate these campaigns.
By late 2025, the attack patterns had evolved beyond basic credential theft. Agencies across LinkedIn, Reddit, and Google's own forums reported a rise in MCC takeovers, even among teams using two-factor authentication. The attackers' preferred weapon was a near-perfect phishing email that mimicked Google's account-access invitations. Victims said hijackers added fake admin users, linked their own MCCs, and began launching fraudulent, high-budget campaigns.
The financial damage was severe. A performance advertising agency with $50 million in annual spend discovered an overnight spike that drove $180,000 in overspend.
Another agency reported "tens of thousands" in ad spend racked up within 24 hours. The common thread? A single compromised admin credential was enough to take over an entire account hierarchy. That's the exact vulnerability MPA addresses.
How Multi-Party Approval Actually Works
Strip away the marketing language and MPA is a dual-authorization control for user-management actions. Multi-party approval currently covers three specific high-risk actions: adding a new user to the account, removing an existing user from the account, and changing user roles and permissions. That's it. It doesn't gate budget changes, campaign edits, or bidding strategies.
Here's the step-by-step workflow:
1. An admin initiates a sensitive change. They try to add a new user, remove someone, or modify a role through the standard interface.
2. The system generates a pending approval request. When an admin initiates a sensitive change, Google Ads automatically creates an approval request. Other eligible admins receive an in-product notification.
3. A second admin reviews the request. When you make a sensitive change, a request is sent to all administrators within the hierarchy for approval. All eligible account administrators within your hierarchy receive an in-product notification. Direct administrators and owner managers of the requestor receive individual notifications for each request, while others in the hierarchy receive a combined digest.
4. The request resolves in one of three ways. Complete: the action was reviewed and approved by an administrator and takes effect. Denied: the action was reviewed and rejected, and the proposed action is blocked. Expired: if no action is taken within 20 days, the action is rejected.
Two details practitioners need to internalize. First, since emails aren't sent for these approvals, it's important to check your in-product notifications regularly. If your team relies on email for account alerts, you'll miss MPA requests entirely. Second, if your other account administrators aren't responding to a request, Google Ads support can't approve or deny the request for you. There is no escalation path through Google's support team. This makes internal communication protocols non-optional.
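The lifecycle above is easier to reason about as a small state machine. The following is an added illustration written for this article, not Google's code or API: it models the rules the workflow describes (only the three user-management actions are gated, the approver must be a different admin than the requester, an unreviewed request expires after 20 days, and a request can be withdrawn only while it is still pending) and walks through the cases a team should understand, including the solo-admin account where MPA never engages. Account names, admin names and timestamps are constructed.

```python
"""Toy model of the MPA request lifecycle (added illustration, not Google's code).
Rules encoded: only the three user-management actions are gated, approval must
come from a different admin, an unreviewed request expires after 20 days, and a
request can be revoked only while it is still pending. Names/times are constructed."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import Enum

EXPIRY_WINDOW = timedelta(days=20)
SENSITIVE_ACTIONS = {"add_user", "remove_user", "change_role"}
T0 = datetime(2026, 3, 2, 0, 30)   # constructed "it happened overnight" timestamp
DAY = timedelta(days=1)

class Status(Enum):
    PENDING = "pending"
    COMPLETE = "complete"   # approved by a second admin; change takes effect
    DENIED = "denied"       # rejected by a second admin; change blocked
    EXPIRED = "expired"     # no decision within 20 days; change blocked
    REVOKED = "revoked"     # withdrawn by the requester while still pending

@dataclass
class ApprovalRequest:
    action: str
    requester: str
    target: str             # the user the action is about
    created_at: datetime
    status: Status = Status.PENDING

    def expire_if_due(self, now: datetime) -> None:
        if self.status is Status.PENDING and now - self.created_at > EXPIRY_WINDOW:
            self.status = Status.EXPIRED

class Account:
    def __init__(self, name: str, admins: set):
        self.name, self.admins, self.users = name, set(admins), set(admins)

    def mpa_active(self) -> bool:
        return len(self.admins) >= 2   # MPA engages automatically at two admins

    def request(self, action, requester, target, now=T0) -> ApprovalRequest:
        if action not in SENSITIVE_ACTIONS:
            raise ValueError(f"{action!r} is not gated by MPA")
        if requester not in self.admins:
            raise PermissionError(f"{requester} is not an admin of {self.name}")
        req = ApprovalRequest(action, requester, target, now)
        if not self.mpa_active():
            self._apply(req)   # solo admin: nobody to ask, the change lands at once
        return req

    def decide(self, req, admin, approve: bool, now) -> Status:
        req.expire_if_due(now)
        if req.status is not Status.PENDING:
            raise ValueError(f"request is already {req.status.value}")
        if admin not in self.admins or admin == req.requester:
            raise PermissionError("approver must be a different admin of this account")
        if approve:
            self._apply(req)
        else:
            req.status = Status.DENIED
        return req.status

    def revoke(self, req, admin, now) -> Status:
        req.expire_if_due(now)
        if admin != req.requester:
            raise PermissionError("only the requester can revoke")
        if req.status is not Status.PENDING:
            raise ValueError(f"cannot revoke: request is already {req.status.value}")
        req.status = Status.REVOKED
        return req.status

    def _apply(self, req):
        if req.action == "add_user":
            self.users.add(req.target)
        req.status = Status.COMPLETE

def run_scenario() -> dict:
    """Walk the cases a team should understand; returns outcomes by name."""
    acct, out = Account("client-acme", {"alice", "bob"}), {}
    # 1. Attacker holding only alice's session tries to add a backdoor user.
    req = acct.request("add_user", "alice", "mallory@attacker.invalid")
    try:
        acct.decide(req, "alice", True, T0)
    except PermissionError:
        out["self_approval"] = "blocked"
    out["denied"] = acct.decide(req, "bob", False, T0 + timedelta(hours=8)).value
    out["backdoor_added"] = "mallory@attacker.invalid" in acct.users
    # 2. Legitimate onboarding, approved the same day by the other admin.
    req = acct.request("add_user", "bob", "newhire@example.com")
    out["approved"] = acct.decide(req, "alice", True, T0 + timedelta(hours=2)).value
    # 3. Nobody reviewed this one for three weeks: it expires and the change is blocked.
    req = acct.request("remove_user", "alice", "newhire@example.com")
    try:
        acct.decide(req, "bob", True, T0 + 21 * DAY)
    except ValueError:
        out["stale"] = req.status.value
    # 4. Revocation works while the request is still pending.
    out["revoked"] = acct.revoke(acct.request("change_role", "alice", "bob"), "alice", T0).value
    # 5. Solo-admin account: MPA never engages, the change applies immediately.
    solo = Account("client-solo", {"carol"})
    out["solo_mpa"] = solo.mpa_active()
    out["solo_add"] = solo.request("add_user", "carol", "x@example.net").status.value
    return out
```

Run `run_scenario()` to see the five outcomes. Expiry is evaluated lazily, at the moment someone tries to act on the request, which mirrors the practical effect of the 20-day window: a stale request is blocked, and the requester cannot rescue it by revoking and hoping, they have to resubmit.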
The Security Logic: Why Dual Authorization Matters
The concept is older than digital advertising. Multi-party authorization is somewhat analogous to weapons systems that require two individuals to turn two different keys to enable the system. One person cannot do it alone.
Applied to Google Ads, the logic works like this: Multi-party approval would technically require you to hijack two administrator accounts in order to get approval from two different accounts to take over an account. That's the core deterrent. Compromising a single admin credential, which is what phishing accomplishes, is no longer sufficient to add a malicious user or lock out legitimate admins.
Even if a hacker successfully compromises one administrator account through phishing or credential theft, they cannot add their own malicious administrator without approval from a second legitimate administrator. This forces attackers to compromise multiple accounts simultaneously, dramatically increasing the difficulty and resources required for a successful takeover.
But the benefits extend beyond external threats. The feature also provides protection against malicious actions by compromised or rogue employees. A single disgruntled team member cannot independently remove other administrators or grant access to unauthorized parties without triggering the approval workflow.
For agencies managing client accounts, this also serves as an operational safeguard. Accidentally removing a critical user or granting excessive permissions to a contractor triggers the same review process, catching errors before they create access problems.
What MPA Does Not Cover, and Why That Matters
Account managers need to be clear-eyed about the boundaries. Google has added multi-party approval to tighten security around high-impact changes. It doesn't change bidding, reporting, or campaign performance, but it does change how teams manage account access.
This means an attacker who gains admin-level access can still:
- Launch fraudulent campaigns with uncapped budgets
- Modify existing campaign settings, keywords, and ad copy
- Change billing information and payment methods
- Access reporting data and competitive intelligence
MPA blocks the specific actions that enable long-term account takeovers: adding backdoor users, removing legitimate admins, escalating privileges. It does not prevent an attacker from causing immediate financial damage within a single session if they already have valid credentials.
As security needs evolve, additional actions may also require this approval process. Google has signaled that the scope could expand, but for now, teams should treat MPA as one layer in a multi-layer defense, not a comprehensive solution.
Read-only roles and API users are exempt from this approval process. This exemption makes sense-read-only users can't initiate sensitive changes. But API-level access needs separate scrutiny, particularly for teams using automation scripts that could be exploited.
How to Ensure MPA Is Active on Your Accounts
Here's the detail many articles miss: multi-party approval does not require manual activation. Google Ads automatically implements multi-party approval for accounts that have at least two administrators. Once your account meets this threshold, the protection activates automatically.
That means the most important action you can take isn't flipping a switch. It's ensuring your account structure supports dual authorization:
- Audit your admin count. Multi-party approval only functions when an account has at least two administrators who can serve as approver and requester. Solo-admin accounts have no protection. If you're the only admin on any account you manage, add a second trusted admin immediately.
- Check your manager account hierarchy. For agencies running MCCs, understand that approval requests flow through the hierarchy. Ensure your MCC structure has admins at the appropriate levels who can review and respond to requests.
- Establish a notification monitoring routine. Since MPA relies exclusively on in-product notifications, your team needs a process for checking these. Build it into daily operational workflows. Assign specific team members as primary MPA reviewers.
- Navigate to the right place. Go to Access and security within the Admin menu. In the "Pending invitations" menu, select Review request. That's where you'll find all pending, completed, denied, and expired requests.
- Set internal SLAs for approval turnaround. The 20-day window is generous, but don't treat it as a target. Legitimate access changes, such as onboarding a new team member or integrating a client's marketing partner, shouldn't wait days. Aim for same-day review during business hours.
Building a Complete Security Stack Around MPA
MPA is meaningfully stronger when paired with other controls Google already offers. Think of these as concentric defensive rings:
Ring 1: Identity verification. Multi-Factor Authentication or 2-Step Verification is designed to prevent account hijacking and unauthorized access. 2-Step Verification can help keep bad actors out, even if your password has been compromised. Enforce this across every account user, not just admins. For maximum protection, require hardware security keys rather than SMS codes, since attackers are now bypassing 2FA through near-perfect phishing.
Ring 2: Domain restrictions. Allowed Email Domains is an option in your security settings that enables you to control which email domains can be added to your Google Ads account. Allowed Domains can ensure that users from outside your organization don't get invited to access your Google Ads account. For instance, if you set "example.com" as the allowed domain, you'll only be able to invite user@example.com, but not user@gmail.com. This directly blocks the common attack pattern of hijackers adding random Gmail accounts as admins.
Ring 3: Manager account security mandates. Manager account security mandates are minimum security settings enforced on all current and future sub-accounts that a manager account has administrative ownership over. These security settings are available to admin users of manager accounts and can be applied to all current and future sub-accounts owned by the manager. Use these to cascade 2FA requirements and domain restrictions across your entire account portfolio.
Ring 4: Access hygiene. Delete inactive/dormant accounts that are ripe for hijacking and delete any users who no longer need access to the account. Schedule quarterly access reviews. Remove users who have changed roles or left the organization. Every orphaned account with admin privileges is an attack surface.
Ring 5: Phishing-resistant authentication. Google's central recommendation is for advertisers to create a passkey, a passwordless, phishing-resistant login method, for their Google Account. Passkeys eliminate the credential-harvesting vulnerability that drives most account takeovers. If your team hasn't migrated to passkeys, this should be your top security priority.
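The admin-count audit from the previous section and Rings 2 and 4 above are the kind of checks worth scripting against an export of your user list rather than eyeballing once. The block below is an added example written for this article, not Google's code or the Google Ads API: it runs those three checks over a hand-built snapshot of an MCC hierarchy and reports accounts where MPA is inert (fewer than two admins), users whose email domain is outside the allowed list, and dormant users. The account names, emails, roles, sign-in dates, the allowed domain and the 90-day dormancy threshold are all constructed or assumed.

```python
"""Access-review audit over a constructed snapshot of an MCC hierarchy.

Added example, not Google's code or API. It applies the checks the article
recommends (audit your admin count, allowed email domains, dormant users) to
the kind of user list you would pull from Access and security. Accounts,
emails, roles, dates and the thresholds below are constructed or assumed."""
from datetime import date, timedelta

ALLOWED_DOMAINS = {"example.com"}     # assumed allowed-domain policy
DORMANT_AFTER = timedelta(days=90)    # assumed "inactive" threshold
ADMIN_ROLES = {"admin"}               # read-only/API roles cannot approve MPA requests
TODAY = date(2026, 3, 1)              # constructed review date

# constructed snapshot: account -> list of (email, role, last sign-in)
INVENTORY = {
    "mcc-root": [
        ("alice@example.com", "admin", date(2026, 2, 20)),
        ("bob@example.com", "admin", date(2026, 2, 25)),
        ("reports-bot@example.com", "read_only", date(2026, 2, 28)),
    ],
    "client-acme": [
        ("alice@example.com", "admin", date(2026, 2, 20)),
        ("contractor@gmail.com", "standard", date(2025, 9, 1)),
    ],
    "client-globex": [
        ("bob@example.com", "admin", date(2026, 2, 25)),
        ("former-employee@example.com", "admin", date(2025, 10, 15)),
    ],
}


def email_domain(email: str) -> str:
    return email.rsplit("@", 1)[-1].lower()


def domain_allowed(email: str, allowed=ALLOWED_DOMAINS) -> bool:
    # Exact match on the full domain, so lookalikes such as "example.com.evil.net"
    # or "evil-example.com" are not accepted. Case is ignored.
    return email_domain(email) in {d.lower() for d in allowed}


def audit(inventory, today=TODAY, allowed=ALLOWED_DOMAINS, dormant_after=DORMANT_AFTER):
    """Return (account, finding, detail) tuples; an empty list means clean."""
    findings = []
    for account, users in inventory.items():
        admins = [email for email, role, _ in users if role in ADMIN_ROLES]
        if len(admins) < 2:
            # MPA only activates at two admins; a solo-admin account has no second approver.
            findings.append((account, "MPA_INERT", f"{len(admins)} admin(s): {admins}"))
        for email, role, last_seen in users:
            if not domain_allowed(email, allowed):
                findings.append((account, "OUTSIDE_DOMAIN", f"{email} ({role})"))
            if today - last_seen > dormant_after:
                # A dormant admin still counts toward the two-admin threshold but will
                # neither notice phishing of their account nor answer approval requests.
                kind = "DORMANT_ADMIN" if role in ADMIN_ROLES else "DORMANT_USER"
                findings.append((account, kind, f"{email} last seen {last_seen}"))
    return findings


if __name__ == "__main__":
    for account, kind, detail in audit(INVENTORY):
        print(f"{account:14} {kind:15} {detail}")
```

Against the sample snapshot the script flags client-acme three times (one admin, a Gmail contractor, and that contractor dormant) and client-globex once for a dormant admin. The last case is the subtle one: on paper that account has two admins and MPA is active, but if the second admin never signs in, every legitimate request sits until the 20-day expiry, and the dormant credential is exactly the kind of orphaned admin access Ring 4 tells you to remove.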
Operational Adjustments for Agencies and Large Teams
MPA introduces a friction point that's intentional but requires process adaptation. For agencies managing dozens or hundreds of accounts, consider these workflow adjustments:
- Designate MPA responders per time zone. If your agency operates across regions, ensure that approval requests don't sit pending because the only other admin is asleep. Distribute admin roles across your operating hours.
- Document your approval chain. When a new client onboards and needs account access provisioned, who initiates the request? Who approves it? Write this down. Put it in your SOPs. New hires should know the process before they touch a single account.
- Communicate directly for urgent requests. To maintain the security of your account, contact your internal account administrators directly to complete the approval. Don't rely on the notification alone for time-sensitive changes. Pick up the phone. Send a Slack message. Treat the in-product notification as the formal record, not the communication channel.
- Handle the revocation workflow. If you need to revoke a pending request that you initiated, you can only revoke a request if it hasn't already been approved or denied by another administrator. Mistakes happen. If you submit a request in error, revoke it immediately rather than hoping the other admin will catch it.
- Plan for the single-admin edge case. Some client accounts arrive with only one admin. Before you do anything else, before strategy, before campaign builds, add a second admin. Without that step, MPA is inert and the account remains fully vulnerable to single-point-of-compromise attacks.
What the Industry Gets Wrong About This Feature
Most coverage of MPA treats it as a simple announcement: Google added a security feature. But the practitioner implications are deeper than that.
It changes the hiring and offboarding calculus. Every employee with admin access now affects two processes: the work they do and the approvals they give. When someone leaves, you're not just removing one user. You're potentially dropping below the two-admin threshold on certain accounts. Offboarding checklists need to account for this.
It highlights Google's notification gap. Emails aren't currently sent for Multi-party approval. In a world where most teams manage workflow through email and messaging tools, a security feature that relies exclusively on in-product notifications has an adoption friction problem. Until Google adds email or webhook notifications, teams that don't check the Google Ads interface daily may miss approval requests, and legitimate access changes will expire.
It doesn't protect against the most common current attack vector. Most MCC hijacks do not require stealing a password. Instead, attackers use fake access invitation emails or OAuth authorization requests to get an authorized user to approve access for a new user or app. Google's systems register this as a legitimate authorized change, because from a technical standpoint, it is. MPA should catch the "add a new user" step, but only if the approving admin recognizes the request as fraudulent. Team training on recognizing unauthorized approval requests is essential.
The 20-day expiration is both a feature and a vulnerability. When an administrator initiates a protected action, the system automatically generates an approval request that must be reviewed within a 20-day window. If no action is taken during this period, the request expires and the change is automatically blocked. The fail-safe of auto-expiration protects against persistent attack attempts. But it also means legitimate requests that fall through the cracks require resubmission, adding friction to valid workflows.
The Bigger Picture: Why Account Security Is a Competitive Advantage
Google is adding a second-admin approval step for high-risk changes, pushing account governance closer to enterprise change-control. As more budget and workflow shifts to automated and agent-driven operations, this is a quiet but important signal: permissions become product.
That observation from the CDP Institute captures something most PPC practitioners aren't thinking about yet. As AI-driven campaign management tools proliferate (Google's own automated bidding, third-party optimization platforms, emerging AI agents that make changes on your behalf), the permissions layer becomes the control surface. MPA is the first visible step toward governance infrastructure that matches the complexity of modern ad operations.
For agencies, strong account security is increasingly a differentiator in client pitches. Multi-party approval not only prevents mistakes but also builds client confidence by demonstrating proactive security measures. When you can show a client that their account has dual-authorization controls, domain restrictions, enforced 2FA, and documented access policies, you're demonstrating operational maturity that competitors who treat security as an afterthought cannot match.
The advertisers who weathered the 2025 hijacking wave without incident weren't lucky. They had layered defenses. MPA adds one more layer, a meaningful one that directly addresses the most damaging attack pattern. Enable it by ensuring you have at least two admins on every account you touch. Pair it with every other control at your disposal. And train your team to treat every unexpected approval request with the same skepticism they'd give an unexpected wire transfer request.
Because in paid media, account security isn't an IT problem. It's a business continuity problem. And the cost of learning that lesson the hard way is measured in tens of thousands of dollars, weeks of lost campaigns, and client relationships that never fully recover.