Millions of Gmail users will face new password rules designed to make using the world’s most popular free email service more secure on Monday, Sept. 30, as they head to work. Google will no longer support access to Gmail account data from apps deemed less secure, from a third party or even from devices that are only login-protected by a username and password. Here’s what you need to know.
Goodbye Google Sync And Farewell Less Secure Apps Support For Gmail Users
If news that Google is undertaking a massive shake-up of password security across the board is a surprise, you haven’t been paying attention. From the introduction of passkeys to Chrome web browser users across Windows, macOS, Linux and Android users, to post-quantum cryptography for attack prevention, Google has been hot on security all month. Regarding this specific Gmail password security update, Google has been hot-to-trot for 12 months since giving notice a year ago. To do away with the antiquated sign-in method that is username and password, and so reduce the risk of compromise for Gmail users, Google is requiring all Google Workspace customers to login with a more secure type of access for apps wanting access to Gmail data. That access methodology is OAuth, which you can learn more about in this article warning about the forthcoming changes. The new Gmail app access password rules apply to all Google Workspace accounts, with CalDAV, CardDAV, IMAP, POP and Google Sync no longer supporting a password-based login credential.
Which Gmail Users Are Impacted By The New App Password Deadline?
The new security rules regarding access to Gmail data from less secure apps apply to all customers using the Google Workspace suite of tools. Indeed, the less secure apps setting has already been removed from the Google Workspace admin console to make the transition easier by disabling the addition of new accounts using this method. Personal Gmail account holders are not impacted, although they will no longer be able to toggle the Internet Mail Access Protocol, better known as IMAP, from Gmail account settings as Google said: “IMAP access is always enabled over OAuth and your current connections will not be impacted.” Regarding users, rather than admins, of Google Workspace Gmail accounts, however, there are a number of actions that Google recommends taking to ensure they are not faced with a “username and password is incorrect” error message.
- If you use Outlook 2016 or before, you must move to Microsoft 365 or Outlook for Windows or Mac.
- If you use Thunderbird, or another email client, you must add your Google account again and configure it to use IMAP with OAuth.
- If you use Mail on iOS or macOS, you must use the sign-in with Google option to enable OAuth. This will involve removing and then re-adding your account.