OAuth 2.0 support is now available for IMAP/SMTP and XMPP. googledevelopers.blogspot.com/2012/09/adding…—
Google Developers (@googledevs) September 17, 2012
We reported earlier on hints from Google employee Tim Bray that the company might be working on an integrated password and login solution. We know Bray is working on OAuth and OpenID-related projects, and Google announced in a blog post today that it is adding OAuth 2.0 support for IMAP/SMTP and XMMP. The majority of Google’s API’s already support the OAuth 2 authentication standard for sharing your account data with third-party apps, but today’s addition of support for IMAP/SMTP and XMMP opens OAuth 2.0 to third parties accessing services such as Gmail and GTalk.
Today we’re going a step further by adding OAuth 2.0 support for IMAP/SMTP and XMPP. Developers using these protocols can now move to OAuth 2.0, and users will experience the benefits of more secure OAuth 2.0 clients.
According to Ryan Troll of Google’s Application Security Team, clients never ask for a user’s password with the OAuth 2.0 authentication mechanism. He also noted “users have tighter control over what data clients have access to, and clients never see a user’s password, making it much harder for a password to be stolen.”
Google outlined a timeline for support for older authentication standards: