Google has announced that they will be turning off access to less secure apps and removing the Less Secure Apps setting starting on June 15, 2024. Less secure apps are third-party, non-Google apps that access your U-M Google account with only your @umich.edu email address and U-M password (not through U-M Weblogin). Common examples include Outlook 2016 or older and Apple Mail. These apps may use the Less Secure Apps setting to allow them full access to your account, which puts it at an additional security risk. To continue using these types of apps with your U-M Google account, you must switch to a more secure type of access called OAuth, which most modern applications use today.
Access to less secure apps will be turned off in two stages:
- June 15: The Less Secure Apps setting will be removed for new users who have never enabled the setting and/or have the setting turned off.
- Users who still have the setting enabled on June 15 can continue to use these apps until September 30.
- September 30: Access to less secure apps will be turned off, and the setting will be removed for all remaining Google accounts.
If you do not take action by September 30 to reconnect your apps using OAuth, the less secure app(s) you’ve connected to will start showing an error message indicating that the username and password you entered are invalid, consequently preventing you from logging in to these apps via this method.