Google Code blog announced that Gmail started to support OAuth authentication for IMAP and SMTP. What this means is that developers will be able to create applications that use Gmail data without requiring to enter your password.
"In addition to making it easier for users to export their data, we also enable them to authorize third party (non-Google developed) applications and websites to access their data at Google. While it is possible for a user to authorize this access by disclosing their Google Account password to the third party app, it is more secure for the app developer to use the industry standard protocol called OAuth which enables the user to give their consent for specific access without sharing their password," explains Google.
Gmail Drive is a popular application that uses your Gmail account to store files. After installing the application, it asks your username and password to send data to your Gmail account. If you don't trust the application, it's not a good idea to enter the password of your Google account.
When applications like Gmail Drive switch to OAuth authentication, you'll no longer have to enter your credentials. Instead, the application will open a Google web page and you'll only have to authorize the request.
An example of application that already uses OAuth authentication is SmartPush, an iPhone app that lets you filter email notifications.
Roll-out plan for HTML5 by Default
1 hour ago