Important changes to Gsuite - what you need to know

To strengthen G Suite accounts against hijacking attempts Google is making changes that will affect you.

Over the course of this year, Google will turn off access to apps that are deemed 'Less Secure Apps' (LSA) - those that can access Google accounts with only a username and password. For example, apps that are using imap/pop account protocols, like Thunderbird or Outlook, will stop working.

Instead of their current methods of authenticating a user, these apps and other email, contacts or calendar tools will have to upgrade to using OAuth technology. OAuth is an "open protocol that enables secure authorisation in a simple and standard method from web, mobile and desktop applications". This connection method allows apps to access account information with a digital key, instead of requiring users to reveal their username and password, and this is much more secure.

When will these changes take place? The changes will be implemented in two stages. After June 15, 2020, new users will not be allowed to start using LSAs, so apps that have not updated to OAuth will not work for new users. If you are already using an LSA, access will be allowed to continue until 15th February 2021, giving plenty of time for developers to update their apps to accommodate these new security levels.

What does this mean? If you are using a custom or third-party app that accesses data from your Gsuite account, you will need to confirm that the developer has either used OAuth technology or is updating the app before February 15th next year. If OAuth updates are not implemented you will need to find an alternative app as less secure apps will stop working in February 2021.

If you are using Google's GSuite and would like further information about this change or other support, contact us here.