Skip to content
Close
LANGUAGE – en
it
Book a call
en
it
Book a call
power2Cloud09/04/244 min

Google: if you don't use OAuth, block access to less secure apps from Sept. 30

OAuth-2

 

September 30, 2024, mark this date on your calendar because the new Google Workspace update will go into effect.  

If you use the Google suite for your business and are a Console administrator, continue reading this article to make the necessary changes and adapt your business to the new update. 

From the end of September to use a specific App with a Google account you will have to pass to a more secure type of access called OAuth.  

Yes, you got it right, less secure Apps, third-party Apps, or devices you access only with a username and password will no longer be supported for Google Workspace accounts as early as as of June 15, 2024.

Let's see what changes:

    • old Google Workspace users, who used Less Secure Apps (LSAs) before June 15, will be able to continue to do so until September 30, but no longer. This feature will be removed from the Administration Console and can no longer be changed. 

Therefore users will not be able to connect to third-party Apps that require password-only access to Gmail, Google Calendar and Contacts via protocols such as CalDAV, CardDAV, IMAP, SMTP, Pop and Google Sync;

    • New Google Workspace users. As of June 15, they will no longer be able to use this feature, but will have to use OAuth right away.

Motivation. This new update increases security and prevents your company from being exposed to additional risks. Your users will no longer have to share Google account credentials with third-party apps and devices.

 

What is OAuth?

Google thus encourages the use of OAuth (Open Authorization). This feature is already appreciated by many because it saves time and increases security since you don't have to type in your credentials.

"Sign in with Google" is definitely a more secure industry-standard OAuth method for synchronizing your e-mail with other Apps. 

If the App you want to access does not support Oauth you must necessarily switch to an App that does or create a new password to allow Google Workspace logins via third-party apps. 

Applications and devices affected by Google Workspace update

Let's see which applications are affected by the Google update:

  • Thunderbird or another email client;
  • Mail apps on iOS or macOS or Outlook for Mac that use only a password to log in;
  • calendar applications (Web, iOS, Android);
  • application contacts;
  • all others that do not support OAuth;
  • mobile device management (MDM) to configure IMAP, CalDAV CardDAV, POP or Exchange ActiveSync (Google Sync) profiles. These services will be phased out according to the time sequence described.
  • scanners and other devices that use Simple Mail Transfer Protocol (SMTP) or LSA to send email. 

How to use more secure Apps? Follow the guide 

How to use more secure Apps? How to recognize them? If an App uses a less secure login technology, you will no longer be able to use it with your Google account. Apps that use only your username or password will create errors, you may then see messages such as "Invalid username," "Invalid password," or "Cannot log in." 

To log into your Google Workspace account from any third-party App use "Sign in with Google". In case you have not already done so, you may need to remove your Google Account and add it back on the device you are using.

Let's detail the recommended solutions on a case-by-case basis:

    • Upgrade to an updated Microsoft version that supports OAuth ( Microsoft 365, Outlook 2021, Outlook for Windows..). Use the Google tool for OAuth synchronization with Outlook - Google Workspace Sync for Microsoft Outlook. Or use the password for the App for more secure authentication;

    • add Google account again and configure it to use IMAP with OAuth for Thunderbird or another email client;

    • If you use Mail apps on iOS or macOS or Outlook for Mac, in both cases check that you are signed in with Google, otherwise you will need to remove and add back your Google Workspace account to automatically use OAuth authentication;

OAuth-1-1024x731

    • for calendar applications. If you use a password-based CalDAV (Calendar Distributed Authoring and Versioning) app, switch to a method that supports OAuth, e.g. the Google Calendar App (Web, iOS, Android);

    • For application contacts follow the directions provided for calendar applications: remove the account and refresh it by selecting "Sign in with Google".

    • all other apps: If the app you are using does not support OAuth, you will need to switch to an app that offers OAuth or create a password for the app to access these apps.

    • mobile device management (MDM). MDM push of password-based IMAP, CalDAV, CardDAV, SMTP, POP, Exchange ActiveSync (Google Sync) will no longer work for existing users. Administrators will need to use a Google MDM provider, which will re-add their Google accounts to iOS devices using OAuth.

    • scanners and other devices: configure them to use OAuth or configure a password for the app to be used with the device. 

If you use Google Workspace we recommend you check here for the latest updates that can boost your productivity. To optimize Google Apps and increase security, of course power2Cloud experts are at your disposal!

RELATED ARTICLES