Google to revoke OAuth2 tokens to improve security

To provide more security for its Google Apps environments, starting Tuesday, Feb. 2, Google will begin revoking OAuth2 tokens when a user’s password is changed. OAuth2, an open standard for authorization, allows a user to access certain third-party products without revealing his or her credentials.

Impact to you
When you reset your password for your Google Apps @ NC State account, your mail and other data will automatically stop syncing to any application or device using OAuth2 authentication until you re-authenticate with your new password. Some common applications that use OAuth2 authentication are official Gmail and Google Calendar apps for your mobile device and native apps like Apple Mail, Apple Calendar or Google Apps Sync for Microsoft Outlook (GASMO). Google users and administrators still retain the ability to revoke access to applications via Google’s Security Checkup page and the Google Apps Admin console, respectively.

Accessing your account
To access your Google Apps account again, you will need to re-authenticate to:

  • your Google Apps account on your mobile device(s), and
  • any applications that you may have used to access your Google Apps account, including Gmail or Calendar clients on mobile devices or any third-party software that relies on OAuth2 Google credentials for authentication.

For more information on Google’s new security policy change, please see Increased account security via OAuth2 token revocation.