The Inquirer-Home

Google adds more security to its Gmail servers

You'll get a grilling if your app isn't encrypted
Mon Jul 21 2014, 16:14

gmail-logoGOOGLE HAS STARTED rolling out a handful of security enhancements to its Gmail service.

The measures first outlined in April will affect any developer who uses credential security below OAuth 2.0 or unencrypted authentication. Users of these apps will now be required to perform extra security checks at every login, which will soon start to get annoying.

A new settings webpage has appeared in the Google account user interface that allows users who are unable to make the leap to the improved standard to disable the changes, but it is enabled by default.

Apps that don't meet the new criteria will advise that an incorrect password has been entered. This is the latest step to improve security of the Gmail service, which switched to a fully encrypted HTTPS service in March.

A number of existing apps and desktop programs don't adhere to the new, stricter guidelines. These include many third-party Android mail apps, Windows Phone 8.0 and earlier Mail, Mail from iOS6 and below, Mozilla Thunderbird and Microsoft Outlook, which risks precluding just about everyone not using Gmail.

This change does not affect users who have activated two-step notifications who will continue to be asked to create a disposable password for apps that don't meet the new minimum criteria.

There has been no official announcement from Google that this feature has gone live since the original report in April. We've contacted Google to confirm whether any Chrome extensions that use the same features will also be affected by the changes.

Rumours have been circulating since May that the service, which has remained almost identical since launch, will undergo a revamp to Google+ guidelines in the near future. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Microsoft's Windows 10 Preview has permission to watch your every move

Does Microsoft have the right to keylog users of its Windows 10 Technical Preview?