To help keep your account secure, from May 30, 2022, Google no longer supports the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password. Important: This deadline does not apply to Google Workspace or Google Cloud Identity customers. The enforcement
date for these customers will be announced on the Workspace blog at a later date. For more information, continue to read. If an app or site doesn’t meet our security standards, Google might block anyone who’s trying to sign in to your account from it. Less secure apps can make it easier for hackers to get in to your account, so blocking sign-ins from these
apps helps keep your account safe. If "Less secure app access" is on for your account Because less secure apps can make your account more vulnerable, Google will automatically turn this setting off if it’s not being used. If "Less secure app access" is still on for your account, we recommend turning it off now and switching to more secure apps. To help keep your account secure, we recommend that you keep this setting off and use more secure apps.Turn off "Less secure app access"
If "Less secure app access" is off for your account
If "Less secure app access" is turned off for your account, you can turn it back on. We recommend switching to more secure apps instead.
How more secure apps help protect your account
When a third-party app meets our security standards, you can:
- See what level of account access you’re giving the app before you connect your Google Account
- Let the app access only a relevant part of your Google Account, like your email or calendar
- Connect your Google Account to the app without exposing your password
- Disconnect your Google Account from the app at any time
Learn more about third-party apps with access to your account.
Fix problems
Can’t use an app with my Google Account
Update your app or operating system
If the app or the operating system on your device is out-of-date, updating to the latest version might allow you to use the app with your Google Account.
Make sure you’re using the latest version of the app and your device’s operating system.
Use more secure apps
If an app uses less secure sign-in technology, you might not be able to use it with your Google Account.
You can sign in to your Google Account from any third-party app that has the "Sign in with Google" option. You can also sign in to your Google Account using all Google products, like Gmail.
Use an App Password
An App password is a 16-digit passcode that gives a non-Google app or device permission to access your Google Account. Learn more about how to sign in using App Passwords.
Was this helpful?
How can we improve it?
This article is for administrators. For actions users can take, go to Less secure apps & your Google Account. You can block sign-in attempts from some apps or devices that are less secure. Apps that are less secure don't use modern security
standards, such as OAuth, so increasing the risk of accounts and devices being compromised. Block these apps and devices to improve data safety. Examples of apps that don’t support modern security standards include: Examples of apps that do support modern security standards are Gmail,
Windows Mail, Outlook from Microsoft 365 [desktop version], Outlook for Mac, Instagram, PayPal, Amazon, Facebook, and Basecamp.
Note: When 2-step Verification is turned on for an account, access to less secure apps is automatically disabled, unless users are in a configuration group that allows access to less secure apps. Go to Manage access to less secure apps below.
Transitioning to more secure app access to Google Accounts
Blocking sign-ins from less secure apps helps keep accounts safe. For these reasons, Google is limiting password-based programmatic sign-ins to Google Accounts.
Expand all | Collapse all
If you allow sign-ins from less secure apps
Even though the enforcement option has been removed, you can still allow users to turn on or off access to less secure apps on their individual accounts. Google will turn off the setting on individual accounts for users who stop using it. Users can turn it back on until the setting is removed.
As Google gradually ends less secure apps access to Google Accounts, you’ll receive email notifications about changes that affect you.
Use alternatives to less secure apps
As the enforcement option is no longer available, we recommend turning off less secure apps access now. Start using alternatives to less secure apps as soon as possible.
- Use apps in your company that use OAuth 2.0 authentication. Deploy new applications or update your existing apps to support OAuth 2.0 for authentication.
- If some users can’t migrate to a more secure platform, they can use alternatives.
| Apple Mail configured with POP3 | Re-add your Google Account to Apple Mail and configure it to use IMAP with OAuth. This automatically initiates the connection with OAuth. |
| iOS Mail | Continue using iOS Mail as long as you have iOS 6.0 or later. OAuth support is automatically included in iOS 6.0 and later when you add an account using the Google option. |
Outlook for Windows via | Google Workspace Sync for Microsoft Outlook [GWSMO]. About Google Workspace Sync for Microsoft Outlook |
| Mozilla Thunderbird | Re-add your Google Account to Thunderbird and configure it to use IMAP with OAuth. This automatically initiates the connection with OAuth. |
Legacy office devices Examples: scanners and multifunctional printers that send email | Continue using legacy office devices with SMTP. Other protocols [such as POP3 and IMAP] will be blocked unless they use OAuth. |
| Any other app | Request that the app developer update the app to use OAuth 2.0. |
Manage access to less secure apps
You can allow users to turn on or off access to less secure apps or disable their ability to allow less secure apps.
- To apply the setting to everyone, leave the top organizational unit selected. Otherwise, select a child organizational unit or a configuration group.
- Select the setting for less secure apps:
Disable access to less secure apps [Recommended]
Users can’t turn on access to less secure apps.
When you disable access to less secure apps while a less secure app has an open connection with a user account, the app will time out when it tries to refresh the connection. Timeout periods vary per app.- Allow users to manage their access to less secure apps
Users can turn on or turn off access to less secure apps.
- Click Save. If you configured a child organizational unit, you might be able to Inherit or Override a parent organizational unit's settings.
Monitor accounts that allow less secure apps
Use accounts reports to see whether users can allow less secure apps to access their accounts. For details, read Accounts reports.
Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.
Was this helpful?
How can we improve it?