Less secure app turn-off suspended until further notice

Last December, we announced that we’d be turning off less secure app (LSA) access to G Suite accounts, and that you should migrate to OAuth authentication instead. The first phase of the LSA turn-down was scheduled for June 15, 2020. As many organizations deal with the impact of COVID-19 and are now focused on supporting a remote workforce, we want to minimize potential disruptions for customers unable to complete migrations in this timeframe.

As a result, we are suspending the LSA turn-off until further notice. All previously announced timeframes no longer apply. 

This applies to all categories of applications and protocols outlined in our original blog post, including Google Sync for iOS Mail. We’ll announce new timelines on the G Suite Updates blog at a later date.

Despite these timing adjustments, Google does not recommend the use of any application that does not support OAuth. We recommend that you switch to using OAuth authentication whenever possible for your organization. OAuth helps protect your account by helping us identify and prevent suspicious login attempts, and allows us to enforce G Suite admin-defined login policies, such as the use of security keys. See our original blog post for details and instructions on migrating to OAuth. 

Getting started 

• Admins: No action required. However, we do recommend switching to OAuth authentication. See our original blog post for details on migrating to OAuth.
• End users: No end user impact.
• Developers: Update your app to use OAuth 2.0 as soon as possible.