Create Google App Password 16-digit passcode Gmail

How to Create an App Password for Gmail

Last updated on | 13 replies

If you use 2-Step-Verification and are seeing a “password incorrect” error when trying to access your Google Account, an App password may solve the problem. An App Password is a 16-digit passcode that gives an app or device restricted access to your Google Account without having to divulge your personal password and complete access to your Google Account.

1. Add an App Password

Note: Google now requires that you have 2-Step-Verification enabled before you can set up an application password.

Visit your App passwords page. You may be asked to sign in to your Google Account.

Note: If you are seeing a message “The setting that you are looking for is not available for your account.” you should enable 2-Step-Verification first.

In the Select app dropdown menu, choose the app you’re using. You can also select Other and enter you own custom app name.

In the Select device dropdown menu, choose the device you’re using. You can also select Other and enter you own custom device name.

What you select in these dropdowns actually has no bearing on the functionality of the app password. They are just used for your own guide and for Google to show you the appropriate instructions in the next step.

Click Generate.

Create new app password for Gmail Google Account

In the Generated app password modal, copy your 16-digit password and paste it into your application.

Select Done.

Google generated app password

After you’ve clicked done, you won’t see that App password code again. If you ever lose your app password, you can just generate a new one following the above steps.

You should now see a list of apps and devices you’ve created App passwords for.

My generated Google app passwords

2. Allow access to your Google Account

As a security precaution, Google may require you to complete an additional step when signing into a new device or application using an application password.

Visit the Display Unlock Captcha page and click Continue.

Google Display Unlock Captcha

Complete the CAPTCHA if you are prompted.

If your account was unblocked, you should see a message Account Access Enabled.

Google Account Access Enabled

Let me know if this helped. Follow me on Twitter, Facebook and YouTube, or 🍊 buy me a smoothie.

13 replies

Leave a reply

Your email address will not be published. Required fields are marked *

  1. Do you know if there’s a limit as to how many app passwords can be created for an email account? I don’t see anything in Google’s documentation.

  2. brilliant! The authorization step at the end is the bit I was missing, just followed the link and it now works. Thank you! Very happy!

  3. I can say this DOES work. Do not use the spaces generated in password. These spaces are iD10 spaces (sorry) for error proof entering.


    My issue is to differentiate 3 separate app passwords for 3 separate apps for the same gmail email account that all land to the said account looking as if it came from the same entity…..What I Need Is an App Specific AppPassword to differentiate its’ origin.

    Can you please help with that?

  4. On some rare occasions, I want my Python app on a Raspberry Pi to send me a message using my GMail account as the SMTP service. This works currently, except that Google automatically disables the app’s access to GMail after a certain time. If I do not “catch” this event, and manually restore the app’s permissions, then I do not receive these rare but important messages from my Raspberry Pi.

    Google has implied that configuring one’s account to use 2FA will also enable one to generate an app password. Google further implies that this app password will avoid the problem I describe in the first paragraph, but this is a rather vague assurance because it’s stated here that the app will get “restricted access“. Google has also been known to terminate services and features for various reasons. All of this uncertainty leads me to wonder if I’m merely an unknowing participant in an experiment, or if this 2FA and app password will solve my current problem.

    And so I have some questions:

    Is the use case I described in the first paragraph one that would be allowed under Google’s definition of “restricted access“?
    Are the 2FA and “app password” services ones that are likely to be somewhat durable elements in Google’s efforts toward security?
    If I change my GMail account to use 2FA, and subsequently decide that it doesn’t suit me, can I revert to the current userid & password scheme I have now?

    Thanks for your time.

    1. Hi Séamus,

      I assume you have you done this step? Allow less secure apps to access your Gmail account.

      I’m not surprised if Google is blocking the RasPi periodically if you are using your main Google Account password to authorise SMTP. Google login security isn’t as lax as it once was.

      You should try setting up 2FA and then give your RaspPi an app password, which should relax Google’s login security for the RaspPi. Personally I use Postfix to access Gmail SMTP without issues: How to configure Postfix to use Gmail SMTP on Ubuntu

      The whole point of an app password is that it restricts access to your Google account so if your app password is ever compromised, your entire Google account cannot be hijacked.

      And, yes, you can disable 2Fa and revert back to the old method if needed.

  5. then app password created ???. Even When i login using email and app generated password, still got incorrect password. Where should i use it ?? or should i change password with it??. I didnt understand after this processs