Since September 30, Google has implemented new Gmail security measures to enhance account protection. These changes mean that millions of users will find that access to Gmail data from less secure applications or devices using only a login and password will no longer be supported.
Google’s Enhanced Security Protocols
According to Forbes, this decision is part of Google’s larger campaign to improve service security. The initiative, announced a year ago, has allowed users and developers time to adapt. In recent months, Google has implemented new security technologies, including access keys for the Chrome browser on all major platforms (Windows, macOS, Linux, Android).
The core of this new system is the switch to the OAuth authorization protocol, offering more reliable data protection. As a result, access to Gmail through the CalDAV, CardDAV, IMAP, POP, and Google Sync protocols using just a username and password is no longer possible.
How the Changes Affect Users
It’s important to note that these changes primarily impact Google Workspace users. For personal Gmail accounts, regular email access remains unaffected. However, IMAP access using email clients will now require the OAuth (Open Authorization) protocol, allowing third-party applications to gain limited access to user data without sharing login details, notes NIX Solutions.
Recommended Actions for Users
Google recommends several steps to avoid disruptions. For example, Outlook 2016 and earlier users should switch to Microsoft 365 or the latest versions of Outlook for Windows and Mac. Thunderbird and other email client users need to re-add their Google accounts, configuring them to work with IMAP via OAuth.
Lastly, users of the Mail app on iOS and macOS will need to select the “sign in with a Google account” option to activate OAuth, which may require deleting and re-adding their accounts. We’ll keep you updated on any further changes or recommendations from Google.