Gmail Security Lockout
Gmail Security Lockout: a reader asks…
I received an email from Google the other day declaring: “On May 30, you may lose access to apps that are using less secure sign-in technology. Google will no longer support the use of third-party apps or devices…” I have been accessing both my AOL and Gmail accounts on my 2015 MacBook Pro and iPhone 6 using the Apple Mail apps (in a combined inbox). I also have a dormant Google Chrome app that I don’t use or need but acquired when someone had trouble with me using safari. I have many apps that I don’t use and probably should delete. I am concerned about the instructions asking me to delete my google app. I am unsure about how I access things. Could I have a support tutorial? I plan on replacing my iPhone 6 with a 13 this summer and I should resolve this before.
It sounds like you received an email version of the notification showing at Google Account Help. Just an aside, but Google is not telling you to delete your google app. The warning is about non-Google apps you’re using (such as Mac Mail, or the Apple Mail app on your iPhone). It’s also not telling you to delete those apps, rather it’s telling you that your apps won’t be able to send or receive mail from your Gmail account after May 30 (without action on your part).
What’s happening is that many email service providers (not just Google but also AOL and more) are restricting access to your email account in order to tighten security. Basically, 3rd party apps are being restricted (but not totally prevented) from using email services.
E.g., Google wants you to use Google apps, AOL wants you to use AOL apps, etc. This is in direct response to the sad fact that so many email accounts are compromised every day. Reasons for compromise include poor password hygiene, over-sharing of account information, and using poorly-designed 3rd party apps that are not secure.
When Google (or AOL) prevents all 3rd party apps, that’s the easy way they can institute better security. The truth is that your Apple Mail apps are highly secure, but it’s too much work for Google (or AOL) to allow access to some 3rd party apps and not others.
3rd party apps are any apps from a company other than the one providing the service.
Notice I said “not totally prevented”. Google still has a method for allowing 3rd party apps to access your Google account, this is outlined at this Google help article. AOL has the same capability, outlined at their help article.
In order to allow a 3rd party app to access your Google (or AOL) account, you have to log into your account on a web browser, navigate to the security section, then create an “app password” and use that password with the 3rd party app to access your email account.
For your Mac and your iPhone (either the current 6 or the new 13), you can create app passwords for the mail apps on those devices, and use them instead of your main account passwords. You don’t need to be overly worried about using a 3rd party mail app with either your Google or iPhone – as long as it’s an up-to-date and high-quality app.
- For your 2015 Macbook Pro, you should be running macOS Monterey (version 12.x) in order to have the latest and most secure version of the Mail app (although MacOS version 10.15 Catalina and 11 Big Sur are still supported). Macbooks are generally supported by Apple with software updates for about 10 years. Apple has a list of outdated Macs that are no longer supported, that list is kept up-to-date in an Apple Support Article. Once your Macbook Pro appears on that list, you should be thinking about replacing it.
- For your iPhone 6, you are probably running iOS version 12 (the 6s is the oldest iPhone able to run the current iOS version 15). Apple is stopping support for that in September, so it’s good that you’re replacing the old iPhone 6. Apple has a list of outdated iPhones that are no longer supported, that list is kept up-to-date in an Apple Support article: Once your iPhone appears on that list, you should be thinking about replacing it (your iPhone should be on it soon, likely no later than September 2022).
I agree that you should delete apps you no longer use. I subscribe to the KIS principle – keep it simple. The more things you have on your device, the more complicated it gets to diagnose and fix a problem. There’s nothing stupid about this (notice my acronym has only one S); “housekeeping” is something almost everyone puts off for good reasons! However, in these times of huge cybersecurity risks – mass hacking and scamming, ransomware and more – it’s safer to get rid of those apps when possible.
Mitigating those risks is an iterative, ongoing process, here are five critical steps: and these are platform-independent (Mac or PC, any kind of smartphone or other computing device):
- Use unique and strong (e.g., long – over 15 characters) passwords for each of your online accounts, and use 2-factor authentication wherever available
- The only way to keep track of those unique and strong passwords is to use a good password manager
- Keep your computer and other computing devices up-to-date – not just the operating system but also firmware/drivers, and 3rd party software
- Don’t get your firmware/drivers from any source other than the manufacturer of your device.
- Don’t get your operating system updates from any source other than the manufacturer of your operating system.
- Don’t get software updates for each and every app you use from any source other than each specific software developer (either directly, or through the Apple App Store). All those so-called helper programs are risky.
- Keep tabs on your creditworthiness and financial account access – make sure you’re the only one with access:
- Creditworthiness & financial accounts
- Online shopping accounts
- Social media accounts
- Online website accounts
- Keep track of your personal information – don’t overshare and make sure only you have access.
- Keep your critical information backed up – use a backup device or service:
- External drives are cheap and easy to use.
- Online services like Apple iCloud and Microsoft OneDrive are easy to setup and use.
- Avoid online backup services that aren’t well-known and have a good security track record.
I have more detail about keeping your digital life safe here.
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:
or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!