Google will not let its users use their G-Suite (Gmail) credentials to sign into less secure apps (LSAs) after June 15 2020. Before we get into why Google is barring the login method, let us first take a look at the sign-in option and what it is all about. As an example, let's say that you use the Mail app on iOS, you have to give the app permission to fetch your email. This is quite handy as users may like to use the iOS mail client over the Gmail app. There are many such instances where users use their Gmail or rather google credentials to log into a service. Google will be restricting the use of G-Suite login for third-party apps for security reasons. According to the Google Blog, “LSAs are non-Google apps that can access your Google account with only a username and password. They make your account more vulnerable to hijacking attempts.”
Access to LSAs will be turned off in two stages. According to the Google blog, After June 15, 2020 “users who try to connect to an LSA for the first time will no longer be able to do so. This includes third-party apps that allow password-only access to Google calendars, contacts, and email via protocols such as CalDAV, CardDAV, IMAP, and Exchange ActiveSync (Google Sync). Users who have connected to LSAs prior to this date will be able to continue using them until usage of all LSAs is turned off”. Use of LSA will be turned off for all G-Suite accounts on February 15 2021.
Google says that the end-user will be affected by this decision. The reason for Google removing this login option is because "when account access is provided through an LSA, it puts that account at risk of hijacking. That’s because LSAs provide a non-Google app access to your account through just a username and password, without any other authentication factor. If a bad actor got access to your username and password (for example, if you re-use the password on another site that is subject to a data breach), they could access your account data with just that username and password information through an LSA”.
Securing your account and personal details is of utmost importance. If a phishing account gets access to your Gmail account, there's a high risk of your data being stolen. Looking back, there are a number of services and apps where users sign in using their Google credentials.