1. Add an App Password
Note: Google now requires that you have 2-Step-Verification enabled before you can set up an application password.
Visit your App passwords page. You may be asked to sign in to your Google Account.
Note: If you are seeing a message “The setting that you are looking for is not available for your account.” you should enable 2-Step-Verification first.
In the Select app dropdown menu, choose the app you’re using. You can also select Other and enter you own custom app name.
In the Select device dropdown menu, choose the device you’re using. You can also select Other and enter you own custom device name.
What you select in these dropdowns actually has no bearing on the functionality of the app password. They are just used for your own guide and for Google to show you the appropriate instructions in the next step.
Click Generate.
In the Generated app password modal, copy your 16-digit password and paste it into your application.
Select Done.
After you’ve clicked done, you won’t see that App password code again. If you ever lose your app password, you can just generate a new one following the above steps.
You should now see a list of apps and devices you’ve created App passwords for.
2. Allow access to your Google Account
As a security precaution, Google may require you to complete an additional step when signing into a new device or application using an application password.
Visit the Display Unlock Captcha page and click Continue.
Complete the CAPTCHA if you are prompted.
If your account was unblocked, you should see a message Account Access Enabled.
Let me know if this helped. Follow me on Twitter, Facebook and YouTube, or 🍊 buy me a smoothie.
Is it possible to generate the App Password via an API call?
This^ Did you ever find an answer to this problem?
Do you know if there’s a limit as to how many app passwords can be created for an email account? I don’t see anything in Google’s documentation.
brilliant! The authorization step at the end is the bit I was missing, just followed the link and it now works. Thank you! Very happy!
I can say this DOES work. Do not use the spaces generated in password. These spaces are iD10 spaces (sorry) for error proof entering.
BUT!!
My issue is to differentiate 3 separate app passwords for 3 separate apps for the same gmail email account that all land to the said account looking as if it came from the same entity…..What I Need Is an App Specific AppPassword to differentiate its’ origin.
Can you please help with that?
On some rare occasions, I want my Python app on a Raspberry Pi to send me a message using my GMail account as the SMTP service. This works currently, except that Google automatically disables the app’s access to GMail after a certain time. If I do not “catch” this event, and manually restore the app’s permissions, then I do not receive these rare but important messages from my Raspberry Pi.
Google has implied that configuring one’s account to use 2FA will also enable one to generate an app password. Google further implies that this app password will avoid the problem I describe in the first paragraph, but this is a rather vague assurance because it’s stated here that the app will get “restricted access“. Google has also been known to terminate services and features for various reasons. All of this uncertainty leads me to wonder if I’m merely an unknowing participant in an experiment, or if this 2FA and app password will solve my current problem.
And so I have some questions:
Is the use case I described in the first paragraph one that would be allowed under Google’s definition of “restricted access“?
Are the 2FA and “app password” services ones that are likely to be somewhat durable elements in Google’s efforts toward security?
If I change my GMail account to use 2FA, and subsequently decide that it doesn’t suit me, can I revert to the current userid & password scheme I have now?
Thanks for your time.
Hi Séamus,
I assume you have you done this step? Allow less secure apps to access your Gmail account.
I’m not surprised if Google is blocking the RasPi periodically if you are using your main Google Account password to authorise SMTP. Google login security isn’t as lax as it once was.
You should try setting up 2FA and then give your RaspPi an app password, which should relax Google’s login security for the RaspPi. Personally I use Postfix to access Gmail SMTP without issues: How to configure Postfix to use Gmail SMTP on Ubuntu
The whole point of an app password is that it restricts access to your Google account so if your app password is ever compromised, your entire Google account cannot be hijacked.
And, yes, you can disable 2Fa and revert back to the old method if needed.
then app password created ???. Even When i login using email and app generated password, still got incorrect password. Where should i use it ?? or should i change password with it??. I didnt understand after this processs
You may have a security block on your account. Go to this page to enable access to your Google Account.
https://accounts.google.com/DisplayUnlockCaptcha
I forgot my gmail password can you plz help me
No, it doesn’t work. Google rejects the 16-digit pass code it has just generated.
same here, unfortunately
You may have a security block on your account. Go to this page to enable access to your Google Account.
https://accounts.google.com/DisplayUnlockCaptcha