Now it became known that the next step will be blocking login attempts through the embedded browser frameworks, and the changes will affect Chromium Embedded Framework (CEF), XULRunner and other similar solutions.
These measures are primarily aimed at combating man-in-the-middle (MitM) and phishing attacks. The fact is that attackers who have the ability to intercept traffic to the Google login page often use such frameworks to automate their activities, which, moreover, allows them to deceive two-factor authentication.
Google engineers admit that they cannot distinguish legitimate attempts to log in from such attacks, and therefore frameworks will begin to block from June 2019. Instead, developers are encouraged to switch to using OAuth .