(LiveHacking.Com) – Google has been a long time proponent of using OAuth 2.0 for its services and APIs. Now it has extended its use of the open standard authorization mechanism by adding OAuth 2.0 support for IMAP/SMTP and XMPP.
It was just over a year ago that Google announced its recommendation that OAuth 2.0 become the standard authentication mechanism for itsAPIs. Using it has several security benefits including access to Google’s two-factor authentication process.
“When clients use OAuth 2.0, they never ask users for passwords. Users have tighter control over what data clients have access to, and clients never see a user’s password, making it much harder for a password to be stolen. If a user has their laptop stolen, or has any reason to believe that a client has been compromised, they can revoke the client’s access without impacting anything else that has access to their data,” said Ryan Troll from Google’s Application Security Team.
Google has alos announced that it will deprecate the older authentication mechanisms such as XOAUTH for IMAP/SMTP and X-GOOGLE-TOKEN and SASL PLAIN for XMPP.