Less Secure App Turned Off for G Suite until Further Notice
Google has taken a great decision at this crisis time to suspend turn off the Less secure Apps as many organizations are working from home and will not be able to migrate within the given time frame.
A Less Secure App ( LSA) is nothing but an offline client that connects to Google accounts using the only username and password authentication for accessing those accounts. As a G Suite administrator, you can only allow the users in your organization to use outside applications that connect to Google accounts over a less secure app which makes user accounts liable to hacking.
To design your G Suite account for an offline client you need to select “Enforce access to less secure apps for all users “ which is not recommended. However, the setting "Enforce access to less secure apps for all users” which is not recommended will vanish from the Google Admin console by the end of this year.
Admin and end-users will be impacted by this change. But the importance of this change is to protect your Google account from the hackers.
Last December it was announced by Google that the company would be turning off the Less secure app(LSA) access to G Suite accounts and you should migrate to OAuth authentication instead. The first phase of Less Secure Apps turn off was scheduled on June 15, 2020. Now, most of the organizations are dealing with the impact of the Novel Virus COVID-19 and are now focused on supporting a remote workforce, working from home. Due to this, Google has decided to minimize potential disruptions for customers who were unable to complete migrations in the given time frame.
As a result, for the time being, Google has suspended the plan of turning off the Less Secure App until further notice. All time frames which were previously announced, no longer apply.
This applies to all categories of applications and protocols including Apple iOS Mail (whether syncing through IMAP or Google Sync). Google will announce a date about turning off Less Secure Apps at a later date.
In Spite of these timing adjustments, Google does not recommend the use of any application that does not support OAuth. Users should switch to using OAuth authentication whenever possible for their organization. OAuth helps protect your account by helping you identify and prevent suspicious login attempts, and allows you to apply G Suite admin-defined login policies, such as the use of security keys.
Getting started
Admins: No action required. However, we do recommend switching to OAuth authentication.
End-Users: No end-user impact.
Developers: Update your app to use OAuth 2.0 as quickly as possible.
