Last December, Google announced that it will be turning off less secure app (LSA) access to G Suite accounts, and that you should migrate to OAuth authentication instead.
The first phase of the LSA turn-down was scheduled for June 15, 2020. As many organizations deal with the impact of COVID-19 and are now focused on supporting a remote workforce, Google wants to minimize potential disruptions for customers unable to complete migrations in this timeframe.
As a result, Google is suspending the LSA turn-off until further notice. All previously announced timeframes no longer apply.
This applies to all categories of applications and protocols outlined in our original blog post, including Google Sync for iOS Mail. Google will announce new timelines on the G Suite Updates blog at a later date.
Despite these timing adjustments, Google does not recommend the use of any application that does not support OAuth. It, however, recommends that you switch to using OAuth authentication whenever possible for your organization.
OAuth helps protect your account by helping Google identify and prevent suspicious login attempts, and allows Google to enforce G Suite admin-defined login policies, such as the use of security keys.
See Google’s original blog post for details and instructions on migrating to OAuth.
- Admins: No action required. However, Google actually recommends switching to OAuth authentication. See the original blog post for details on migrating to OAuth.
- End users: No end user impact.
- Developers: Update your app to use OAuth 2.0 as soon as possible.
InfoSec Blogger and Content Marketing Editor ☁️