Google to Force OAuth in G Suite to Increase Security

[Porthos]

Google announced that it will block less secure apps (LSAs) from accessing G Suite account data starting February 2021, following an initial stage of limiting their access during June 2020.

This announcement follows the removal of the "Enforce access to less secure apps for all users" setting from the Google Admin console on October 30, 2019.

LSAs are non-Google apps that access Google accounts using only a username and password pair and thus exposing users who use them to account hijacking attacks.

The process through which apps are sending username/password pairs with every authentication request made when connecting to a server, an endpoint, or an online service is also known as basic authentication or proxy authentication.

While this simplifies the authentication process, it also makes it a lot easier for potential attackers to steal the user's credentials when connections are not secured using Transport Layer Security (TLS) or to obtain them via credential dumps following a data breach.

https://www.bleepingcomputer.com/ne...-force-oauth-in-g-suite-to-increase-security/

 

[HCHTech]

Oh the things this will break - haha.

 

[Sky-Knight]

A bit of trivia, Microsoft is enforcing this change on Oct 13, 2020. This is the date that the system requirements for O365 change to require a version of Office in mainstream support. As such, on Oct 13 all Office 2010, and 2013 installs will lose the ability to communicate with O365. 2016 was losing out too, but MS got slapped for it so it has some more time.

But yes, that's a huge D day on the O365 side, basically anyone still holding out on perpetual licensing has 10 months to get onto the sub, or watch their Outlooks burn.

 

[HCHTech]

But yes, that's a huge D day on the O365 side, basically anyone still holding out on perpetual licensing has 10 months to get onto the sub, or watch their Outlooks burn.

You can still buy perpetual licenses of Office 2019, so that is an option as well. O365 is right for some, not right for all. As long as MS continues to offer perpetual licensing, I'll offer it as an option along with the math that shows how much less expensive it is if you don't need what O365 offers.

 

[britechguy]

if you don't need what O365 offers.

And therein is the crux of the matter: lots of people don't. Feature matching is a service we technicians can and should provide for our clients. Tool to task, and all that.

I am adamantly opposed to a lot of the blatant selling of unneeded features and products I see all the time. Not that it's directly pertinent here, but the marketing of VPNs is a textbook example of trying to sell as many people as possible something they almost certainly don't need. The same can be said of Office suites.

 

[Fred Claus]

I have a couple clients asking about this as well. The way I understand what I read and what you said is this. If you use the "Sign In with Google" option other website and apps, this will be affected. If you use a Google App like Gmail, Calendar, Keep and others, they are still safe to do username and password. That's correct right?

 

[Sky-Knight]

You can still buy perpetual licenses of Office 2019, so that is an option as well. O365 is right for some, not right for all. As long as MS continues to offer perpetual licensing, I'll offer it as an option along with the math that shows how much less expensive it is if you don't need what O365 offers.

The problem I have with that is the basically insane tracking and constantly changing goal posts involved with those licenses. Microsoft has retooled office.com/myaccount how many times in the last few years? I've got missing licenses, stuff that's magically moved to other stations... every thing you can imagine in that mess. Buying 2019 is a thing, but have you noticed that 2019 has a shorter support life than 2016 did?

Though, if you want the cheapest solution, buying perpetual seats for the desktops, and topping them off with Office 365 Business Essentials, at $5 / month / user gives you all the cloud features, and you're cutting out that $8.50 / month for the on premise software. But for that to make financial sense, you have to buy the new perpetual version, basically on launch to maximize return.

 

[HCHTech]

The problem I have with that is the basically insane tracking and constantly changing goal posts involved with those licenses. Microsoft has retooled office.com/myaccount how many times in the last few years? I've got missing licenses, stuff that's magically moved to other stations... every thing you can imagine in that mess. Buying 2019 is a thing, but have you noticed that 2019 has a shorter support life than 2016 did?

Though, if you want the cheapest solution, buying perpetual seats for the desktops, and topping them off with Office 365 Business Essentials, at $5 / month / user gives you all the cloud features, and you're cutting out that $8.50 / month for the on premise software. But for that to make financial sense, you have to buy the new perpetual version, basically on launch to maximize return.

Yes - their tracking is insane. They way the site is designed it is clear that they want you to register each license with the individual employee's corporate email. Yeah, I don't do that. I use a single corporate email created for just that purpose, and put them all under that. THEN, I record the final key and install date for each employee that gets a copy in my own records, since the install date is the only way to identify which license goes where. It's nuts, but it works. Doing that, I've never "lost" a license or had it disappear. Their system works great for single employee or single + spouse, and volume works great for big companies, but they never built a system for the middle guys, companies with 5-50 employees, I'd say. Too small for volume, and registering to individual employee's addresses just seems dumb.

For small businesses (which is my market) nobody including me cares about support. Does it work with their LOB software (assuming they have one and there is some type of integration)? Then everybody's happy. Office 2019 purchased today will undoubtedly work for the life of a new computer purchased today. In a reinstall, even if the license somehow disappeared from MS's site, there is still the option to activate with a key instead, and that has worked 100% of the time when I made that choice (mostly when doing Win10 upgrades and I don't have the account creds handy for whatever reason).

For clients where O365 makes sense (and I have some of those), Business Premium licenses work unless they need something fancier, which I haven't run into in my market yet. Who knows, the landscape is always changing.

 

[Sky-Knight]

@HCHTech, I do the same thing, and yes I've lost licenses. I've also had the last octet of the new key change in a few cases, as well as the "install date" or the "date added to the account" whatever they want to call it today.

And registering office software to an employee's email is irrational, they don't own the software.