Wednesday, June 29, 2022
CybersecFill
Advertisement
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us
No Result
View All Result
CybersecFill
No Result
View All Result
Home security tips

Google warns on Less Secure Applications (LSAs)

Hamzat Lateef by Hamzat Lateef
July 30, 2019
in security tips
0
google_warns_on_lsa

google_warns_on_lsa

Share on FacebookShare on Twitter

Less Secure Applications (LSAs)

Apps that are less secure don’t use modern security standards, such as OAuth. Using apps and devices that don’t use modern security standards increases the risk of accounts being compromised. Blocking these apps and devices helps keep your users and data safe.

Less secure apps (LSAs) can make it easier for hackers to break into user accounts and devices. Blocking sign-ins from these apps helps keep accounts safe.

Google considers outside apps (even their own applications, like Gmail) to be “less secure” if they require knowing your password. If your security settings block “less secure apps”, Google will, therefore, block its own application from sending the email. Learn more on email security here

Some examples of apps that do not support the latest security standards include:

  • The Mail app on your iPhone or iPad with iOS 6 or below
  • The Mail app on your Windows phone preceding the 8.1 release
  • Some Desktop mail clients like Microsoft Outlook and Mozilla Thunderbird

Managing Access to less Secure Apps

You can allow users to turn on or off access by less secure apps, disable their ability to allow less secure apps or force users to always allow less secure apps.

  1. In your Google Admin console (at here)…Go to Security > Basic settings. Under Less secure apps, select Go to settings for less secure apps.
  2. On the left, select an organizational unit where you want to manage access to less secure apps.
  • If you don’t select an organizational unit, your setting applies to your entire top-level organization.
  • If you want an organizational unit to use the same setting as its parent organization, click Use Inherited on the top right.

There are three options to be selected from:

  1. Disable access to less secure apps for all users (Recommended)
  2. Users can turn on access to less secure apps.
  3. Access to less secure apps is enable for everyone.

Disable Access to less secure Apps

While a less secure app has an open connection with a user account, the app will time out when it tries to refresh the connection. Timeout periods vary per app.

Allow users to manage their access to less secure apps

Users can turn on or turn off access to less secure apps.

Enforce access to less secure apps for all users (Not recommended)

Access to less secure apps is required for everyone. Users can’t turn off access to less secure apps. This option isn’t recommended, because it potentially increases the exposure of user accounts to hijacking. Use this option only when you want to ensure that access by a less secure app is available to all users for a limited time, such as for an upgrade. On the bottom right, click Save.

Google’s Warning to Administrators

This article is for the administrator that manages G Suite in their various organizations to make the changes as recommended by the G Suite Team. The removal of the setting to “Enforce access to less secure apps for all users” from the Google Admin console will commence on 30th October 2019. This setting will disappear from your Admin console by the end of the year. Removing this setting will help keep your users’ accounts secure, as access to less secure apps (LSAs) can inadvertently make Google accounts vulnerable to hijackers.

What do you need to do as an Admin?

G Suite Team recommend the following for the administrator:

  1. If you currently enforce access to LSAs in your domain, change your setting to disable access or allow users to manage their access as soon as possible, as LSAs can make Google accounts vulnerable to hijackers.
  2. Encourage your users to use OAuth-based protocols (like OAuth-based IMAP) to give non-Google apps access to their Google accounts, including their email, calendar, and contacts.
  3. Review our list of alternatives to less secure apps.
  4. Prepare your users and internal help desks for the change.
  5. Update any user guides you’ve previously published to recommend the use of OAuth or to instruct users on how to turn on LSAs.

 

 

Tags: Cyber EducationcyberintelligencecybersecurityData PrivacyLess Secure ApplicationSafety Tips
Hamzat Lateef

Hamzat Lateef

Next Post
Wireless Access Point

How To Secure Your Wireless Access Point (WAP)

0 0 votes
Article Rating
Login
guest
guest
0 Comments
Inline Feedbacks
View all comments
  • Trending
  • Comments
  • Latest
CEH_PRACTICAL

CEH PRACTICAL EXAM – TICKET TO CEH MASTER

February 6, 2021
Wireless Access Point

How To Secure Your Wireless Access Point (WAP)

August 3, 2019
Wifi 6 Security

Did Wi-Fi 6 come with an Improvement In Security?

May 13, 2019
credit card cloning

How Credit/Debit Cards are Cloned / Preventing Card Cloning

December 26, 2019
Nationa Cybersecurity Strategy

A Review of the Nigeria National Cybersecurity Strategy

9
Facebook

Facebook’s New Settings Allows Hackers To Easily Pentest Facebook,Instagram Mobile Applications

8
Getting Started in Cybersecurity – Fundamentals You Should Not Miss.

Getting Started in Cybersecurity – Fundamentals You Should Not Miss.

5
open Source intelligence tools

Open Source Intelligence tools – OSINT

4
Suspected Head of Cybercrime Gang Arrested in Nigeria…

Suspected Head of Cybercrime Gang Arrested in Nigeria…

June 17, 2022
Types of Hackers and Hacking Protection Tips….

Types of Hackers and Hacking Protection Tips….

June 6, 2022
Types of Hackers and Hacking Protection Tips…

Types of Hackers and Hacking Protection Tips…

May 31, 2022
Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

May 19, 2022

Recommended

Suspected Head of Cybercrime Gang Arrested in Nigeria…

Suspected Head of Cybercrime Gang Arrested in Nigeria…

June 17, 2022
Types of Hackers and Hacking Protection Tips….

Types of Hackers and Hacking Protection Tips….

June 6, 2022
Types of Hackers and Hacking Protection Tips…

Types of Hackers and Hacking Protection Tips…

May 31, 2022
Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

Sports Betting…Increase in Cybersecurity and Data Privacy Risks for Companies and Consumers.

May 19, 2022

© 2020 CybersecFill. All Rights Reserved.

No Result
View All Result
  • Home
  • Events
  • News
  • security tips
  • Article
  • Contact Us

© 2020 CybersecFill. All Rights Reserved.

wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply

Privacy Policy - Terms and Conditions