Hot on the heels of a warning about a dramatic rise in the number of attacks targeting Gmail users, comes a timely reminder that Google is about to force Google Workspace users into taking security more seriously.
Starting September 30, access to your Gmail account from “less secure apps, third-party apps, or devices that only require a username and password to sign in” will no longer be supported.
This forthcoming change impacts all Google Workspace customers, Google said.
Gmail Support For Less Secure Apps Dropped And Google Sync To Be Discontinued Google made it clear that support for what it calls less secure apps, along with Google Sync, would be dropped in a Google Workspace update posted almost exactly a year ago.
Now the deadline for getting your Gmail, plus Calendar and Contact accounts, in order is fast approaching.
I cannot emphasize enough how much of a good thing this is and how we should be applauding Google for finally stepping up and addressing the less secure apps issue.
Indeed, this follows on from the April 1 implementation of stricter authentication requirements for bulk senders of email to Gmail accounts so as to reduce the volume of malicious spam traffic for users.
What Action Gmail Users Need To Take As previously reported, the less secure apps setting has already been removed from the Google Workspace Admin Console.
Users of Outlook 2016 or earlier should move to Microsoft 365 or Outlook for Windows or Mac, as these support the required OAuth access.
Users of Thunderbird or other email clients will need to re-add their Google account and ensure it is configured to use IMAP with OAuth.
A timely reminder that Google is preparing to compel Google Workspace users to take security more seriously follows a warning about a sharp increase in the number of attacks targeting Gmail users. “Less secure apps, third-party apps, or devices that only require a username and password to sign in” will no longer be able to access your Gmail account after September 30. This most recent action is a part of an attempt to eliminate what Google calls a “antiquated sign-in method,” which involves sharing your login information with third-party apps and devices and puts Gmail users at higher risk of compromise from those looking to gain unauthorized access to your Google account. All users of Google Workspace will be impacted by this impending change, according to Google.
Google Sync will be discontinued, and Gmail support for less secure apps has been dropped.
In an almost exact year ago Google Workspace update, Google made it clear that it would no longer support Google Sync and what it refers to as less secure apps. After being first proposed in December 2019, the decision to further strengthen authentication security was put on hold in March of the following year due to the effects of COVID-19. The time to organize your Calendar, Contact, and Gmail accounts is quickly drawing near.
Google is actually solving the issue of account authentication with common sense, which will significantly reduce the threat landscape as it relates to your Gmail account—despite the impression that it is making your life more difficult. I can’t stress how wonderful this is enough, and we should all be proud of Google for taking action and resolving the issue of less secure apps. This is in fact a follow-up to the tighter authentication rules that were put into place on April 1st for bulk email senders to Gmail accounts in an effort to lower the amount of harmful spam that users receive.
A surprising new threat twist by the ForbesRansomware Gang targets users of Google Chrome.
Unless more secure access is used, access to all such less secure apps will be blocked starting on September 30, according to Google. “You will need to login with a more secure type of access called OAuth,” the company stated. CalDAV, CardDAV, IMAP, POP, and Google Sync are the only services that no longer support password-based login credentials, and this is applicable to all Google Workspace accounts.
What Users of Gmail Should Do.
The Google Workspace Admin Console no longer has the less secure apps setting, as was previously reported. However, Google advises end users to take action or else they will receive an error message stating that their username and password are incorrect for login.
Outlook 365 and Outlook for Windows or Mac support the necessary OAuth access, so users of Outlook 2016 or earlier should switch.
It is necessary for users of Thunderbird or other email clients to re-add their Google account and make sure it is set up to use IMAP with OAuth.
IMAP access is always enabled over OAuth, and your current connections won’t be impacted, according to Google, which has confirmed that users with personal Gmail accounts will no longer be able to toggle IMAP from their settings. “.
Users of ForbesGmail, Take Note: This Easy Error Could Destroy Your Privacy.