Starting September 30, Google introduced new rules for Gmail aimed at improving account security. Millions of users will no longer be able to access Gmail data from apps that are considered less secure, as well as from devices that do not support modern security protocols, that is, using only a username and password to log in.
According to Forbes, this decision is part of Google’s large-scale campaign to improve the security level of its services, which was announced a year ago, giving users and application developers time to adapt. Over the past month, the company has been actively implementing new security technology, including access keys for the Chrome browser on all popular platforms (Windows, macOS, Linux, Android).
The new security system involves a transition to the OAuth authorization protocol, which provides more reliable data protection. You will no longer be able to access Gmail via the CalDAV, CardDAV, IMAP, POP, and Google Sync network protocols using only your username and password.
It’s important to note that the changes will only affect Google Workspace users. Owners of personal Gmail accounts do not have to worry about access to their mail, but they should be aware that IMAP access using an email client will now be carried out exclusively through the OAuth (Open Authorization) protocol, which allows a third-party application to gain limited access to user data on another service without transferring your login and password.
Google recommends taking a number of steps to avoid problems accessing Gmail once the new rules take effect. In particular, users of the Outlook 2016 and earlier email client will need to upgrade to Microsoft 365 or current versions of Outlook for Windows and Mac.
Also, users of Thunderbird and other email clients will need to re-add their Google account and configure it to work with IMAP via OAuth. Finally, Mail app users on iOS and macOS will need to use the Google Account sign-in option to enable OAuth, which will require deleting and re-adding the account.