Google enforces new security rules for Gmail users

US technology company Google has officially applied new security rules to its Gmail service from September 30 to better protect users' personal information.

Starting today, Google users will no longer be able to access their Gmail data from apps and devices that don’t meet modern security standards, part of a broader push Google launched a year ago to improve security across all of its services.

Google has rolled out new security technologies, including applying access keys to the Chrome browser on popular operating systems such as Windows, macOS, Linux, and Android.

The new security system will switch to using the OAuth authorization protocol to improve the effectiveness of protecting user data. As such, users will not be able to access Gmail via protocols such as CalDAV, CardDAV, IMAP, POP, and Google Sync with just a username and password.

The changes primarily affect Google Workspace users. Personal Gmail account holders don’t need to worry about access to their mailboxes, but IMAP access via email clients will only be possible through OAuth, which allows third-party applications to have limited access to data without needing the user’s login and password.

According to Google, users need to take some necessary steps to avoid problems accessing Gmail after the new rules take effect. Specifically, users of Outlook 2016 and earlier should upgrade to Microsoft 365 or newer versions of Outlook for Windows and Mac. Users of Thunderbird and other email clients will also need to re-add their Google accounts and reconfigure them to work with IMAP via OAuth.

Mail app users on iOS and macOS will need to use the Google account sign-in option to enable OAuth, which will require them to remove and re-add the account.