GOOGLE HAS STARTED rolling out a handful of security enhancements to its Gmail service.
The measures first outlined in April will affect any developer who uses credential security below OAuth 2.0 or unencrypted authentication. Users of these apps will now be required to perform extra security checks at every login, which will soon start to get annoying.
A new settings webpage has appeared in the Google account user interface that allows users who are unable to make the leap to the improved standard to disable the changes, but it is enabled by default.
Apps that don't meet the new criteria will advise that an incorrect password has been entered. This is the latest step to improve security of the Gmail service, which switched to a fully encrypted HTTPS service in March.
A number of existing apps and desktop programs don't adhere to the new, stricter guidelines. These include many third-party Android mail apps, Windows Phone 8.0 and earlier Mail, Mail from iOS6 and below, Mozilla Thunderbird and Microsoft Outlook, which risks precluding just about everyone not using Gmail.
This change does not affect users who have activated two-step notifications who will continue to be asked to create a disposable password for apps that don't meet the new minimum criteria.
There has been no official announcement from Google that this feature has gone live since the original report in April. We've contacted Google to confirm whether any Chrome extensions that use the same features will also be affected by the changes.
Rumours have been circulating since May that the service, which has remained almost identical since launch, will undergo a revamp to Google+ guidelines in the near future. µ