Millions of Gmail users will experience new password rules on Monday, September 30, designed to make using the world’s most popular free email service more secure when they go to work. Google no longer supports access to Gmail account data from apps that are considered less secure, from third parties, or even from devices that are only protected with a username and password. Here’s what you need to know.
Goodbye Google Sync and goodbye to less secure apps support for Gmail users
If the news that Google is making a massive shake-up in password security across the board comes as a surprise, you haven’t been paying attention. From introducing passcodes for Chrome web browser users across Windows, macOS, Linux, and Android users to post-quantum cryptography for attack prevention, Google has been on security all month. As for this particular Gmail password security update, Google has been in turmoil for 12 months since its notification a year ago. To do away with the outdated username and password login method and thus reduce the risk of compromise for Gmail users, Google is requiring all Google Workspace customers to sign in with a more secure type of access for apps that want to access Gmail data. That access methodology is OAuth, which you can read more about in this article alerting you to the upcoming changes. The new password rules for accessing the Gmail app apply to all Google Workspace accounts, with CalDAV, CardDAV, IMAP, POP, and Google Sync no longer supporting password-based credentials.
Which Gmail users are affected by the new app password deadline?
The new security rules regarding access to Gmail data from less secure apps apply to all customers using the Google Workspace tool suite. Indeed, the less secure apps setting has already been removed from the Google Workspace admin console to make the transition easier by disabling adding new accounts via this method. Personal Gmail account holders are unaffected, although they will no longer be able to toggle the Internet Mail Access Protocol, better known as IMAP, in the Gmail account settings, as Google said: “IMAP access is always enabled via OAuth and your current connections won’t do that. be affected.” However, for users, rather than administrators, of Google Workspace Gmail accounts, there are a number of actions Google recommends taking to ensure they don’t encounter the “Username and password are incorrect” error.
- If you’re using Outlook 2016 or earlier, you’ll need to switch to Microsoft 365 or Outlook for Windows or Mac.
- If you use Thunderbird or another email client, you’ll need to re-add and configure your Google account to use IMAP with OAuth.
- If you use Mail on iOS or macOS, you’ll need to use the Sign In with Google option to enable OAuth. This involves deleting your account and then adding it again.