New Google Third-Party Apps Policy for Google Workspace
On September 30, Google changed third-party app usage in Google Workspace. Third-party apps using passwords to access Google will no longer be supported.
Google sees this change as necessary to improve account security. Previously, these apps used a method called “Less Secure Apps.” This allowed attackers easier access to email accounts.
According to Google’s blog, disabling “Less Secure Apps” will occur in two stages. The first stage happened on June 15, 2024. At this point, “Less Secure Apps” was removed from the admin console.
The IMAP enable/disable setting was also removed from Google Mail settings. The new method, “Sign-In with Google,” uses the OAuth standard. OAuth allows users to sign in and grant access to websites without sharing passwords.
As of September 30, 2024, all Google Workspace accounts must use OAuth for signing in. Applications that use usernames and passwords, like Microsoft Outlook, will need reconfiguration.
Email Application Changes:
Outlook Users: If using Outlook 2016 or earlier, switch to Microsoft 365 or use Google Workspace Sync for Outlook.
Thunderbird Users: Remove and re-add accounts using IMAP with OAuth.
Apple Device Users: Remove and re-add accounts on iOS, MacOS, or Outlook for Mac. Use “Sign in with Google” and OAuth.
Google Sync users will also lose access to Google Workspace. Google Sync is used for syncing mail, calendar, and contacts with device applications.
These changes aim to increase security without relying on users’ passwords.
