Showing results for 
Show  only  | Search instead for 
Did you mean: 

Scanning trouble coming: Google gmail to require Oauth for all connections 9/1/2024


If you have a Canon MF-series or a scanner that you use to directly scan-to-email to a Gmail account, there are big and unpleasant changes coming.

To wit, the following arrived from Google today:


Dear Administrator,
We’re writing to let you know that as we previously shared in this blog post , we’ll be turning off access to less secure apps (LSA) — non-Google apps that can access Google accounts with only a username and password (basic authentication) — starting June 15, 2024
What do you need to know?
Access through basic authentication makes accounts more vulnerable to hijacking attempts. Moving forward, only apps that support a more modern and secure access method called OAuth will be able to access Google Workspace accounts.

Access to LSAs will be turned off in two stages:

1. Beginning June 15, 2024 - The LSA settings will be removed from the Admin console and can no longer be changed. Enabled users can connect after that time, but disabled users will no longer be able to access LSAs. This includes all third-party apps that require password-only access to Gmail, Google Calendar, Contacts via protocols such as CalDAV,CardDAV, IMAP, SMTP, and POP. The IMAP enable/disable settings will be removed from users’ Gmail settings.
If you’ve been using LSAs prior to this date, you can continue using them until September 30, 2024.

2. Beginning September 30, 2024 - Access to LSAs will be turned off for all Google Workspace accounts. CalDAV, CardDAV, IMAP, and POP will no longer work when signing in with just a password — you will need to
login with a more secure type of access called OAuth

So the upshot is that unless Canon updates their firmware, that these devices will no longer be usable to directly scan-to-email to a Gmail account.

In my particular case, I have a:

imageCLASS MF426dw
Version Information:
Main Controller:12.01
Boot ROM:01.20

...which does not (currently :-o) support Oauth.

What to do?