Google often blocks sign-in attempts from some applications indicating that they’re less secure. It can be quite annoying to mail users and G Suite users alike but it’s possible to enable less secure apps for your Google or G Suite account.
In this article, we’ll discuss:
- What is a less secure app
- How to enable access to less secure apps as a Gmail user
- How to enable access to less secure apps as a G Suite Admin
Table of Contents
What is a Less Secure App?
A less secure app (LSA) is an application that connects to a Google account with the username and password verification only and does not use modern security standards such as OAuth.
LSA is not recommended by Gmail for connecting to an external application because it leaves your account and data vulnerable to hijacking. Connecting via OAuth is the best way to go as it’s comparatively more secure.
Google automatically turns off access for less secure apps if it’s not used.
Allow Access to Less Secure Apps as a Gmail User
You can turn on the less secure app settings in just four steps:
- Log in to your Google account
- On the left navigation panel, click on security
- At the bottom of the page, in the less secure app panel, toggle the switch to on
- Navigate to the Display Unlock Captcha page and click continue to remove the security block
If you can’t find the settings discussed above then:
- G Suite Admin: the setting may have been turned off by your G Suite administrator. In which case, follow the instructions down below or contact your g Suite administrator for further help.
- 2-Step Verification: less secure app access is not available for accounts with 2-step verification enabled. If you’re one of those users, then create an application-specific password to access your application.
Allow Access to Less Secure Apps as a G Suite Administrator
- Sign in to your Google Admin Console (as an administrator)
- Go to security -> Basic settings
- Under the Less secure apps section, navigate to settings for less secure apps
- In the window, select the option, Allow users to manage their access to less secure apps (turn on less secure apps option in users setting too). This will enable access to less secure apps to the G Suite’s users within the selected group or organization.
- Save the settings
- To enable the setting as a user, log in as the G Suite user and visit: https://myaccount.google.com/lesssecureapps to toggle Less Secure Apps access.
Important Notification for G Suite Admins
In June 2020, Google will limit (and proceed to end) the ability of the less secure apps to access G Suite account data. This will include third-party applications that allow password-only access to Google Calendar, contacts, and email via protocols like CardDav, CalDav, IMAP, and Exchange ActiveSync (EAS).
Access to less secure apps will be turned off in two stages:
Stage 1: From June 15, 2020
- Users who try to connect to a less secure app for the first time will no longer be able to connect
- Users who have connected to less secure apps before will be able to do so until it’s completely turned off
Stage 2: From February 15, 2021
Access to less secure apps will be turned off for all G Suite users indiscriminately.