Google Workspace will no longer support the sign-in method for third-party apps or devices that require users to share their Google username and password. Google Workspace has announced new password policies that will impact how users and third-party apps access Google services. Administrators will need to push Google Accounts using OAuth through their MDM providers to ensure continued access on iOS devices. For end-users relying on apps that access Google Accounts with only a username and password, action is required before September 30, 2024. This method, known as Less Secure Apps (LSAs), poses a security risk by requiring users to share their credentials with third-party apps, potentially allowing unauthorized access. By phasing out less secure authentication methods and promoting the use of OAuth, Google aims to protect user data from potential breaches. Google Endpoint Management users should note that custom push configurations for CalDAV and CardDAV will become ineffective after these dates. Administrators can identify current Google Sync usage within their organization by navigating to Devices > Mobile & Endpoints > Devices in the Admin Console and filtering by Type: Google Sync. Instead, Google is encouraging the use of “Sign-In with Google,” which utilizes the more secure OAuth authentication method. Developers must update their applications to use OAuth 2.0 to maintain compatibility with Google Workspace accounts. GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.
This Cyber News was published on gbhackers.com. Publication date: Tue, 01 Oct 2024 10:43:16 +0000