A few weeks ago, people started to notice that apps like Outlook, Thunderbird, and other email clients started asking them for their Google passwords. When they entered their Google password again, it would be rejected because it was incorrect.
Google started locking down its email service and how it connects to third-party email clients, eventually shutting down “less secure apps”. When enabled, you could use your main Google email address and password to sign in to an email client, weakening the overall security of your Google account.
You can still use Google in third-party apps, but the app must either support “OAuth2” (an authentication method that opens a dialog box that allows you to authenticate by logging into Google and giving the application access to your Google account ), or you must use an app-specific password.
App-specific passwords are used in conjunction with two-factor authentication on your Google account.
Most applications don’t know how to handle two-factor. So you can’t enter an authentication code, so app-specific passwords are created.
This allows you to create a special password for each application. Once created, instead of giving an application like Outlook your Google password, give it an “app-specific” password instead.
There are still people who have yet to enable two-factor authentication (2FA) for their Google accounts.
2FA significantly improves the security of a Google account. This type of authentication is divided into 3 different groups:
- something you know – A password.
- something you have – A phone in your possession that receives a text message, a code generated by an authentication app, or a login prompt.
- something you are – Your fingerprint or face.
Without 2FA enabled, you only have “something you know”, which could also be something an attacker knows as well. That is, if you accidentally provide your credentials from a phishing email or if they were obtained through a breach of the website.
Once 2FA is enabled, even if an attacker were to retrieve your password, they would be prompted by an authentication code that only you possess.
You’re probably thinking to yourself, “Well, that sounds pretty cool. How do I turn that on?” I’m glad you ask.
- First, sign in to your Google account.
- Then click on your profile icon (circle) in the top right corner of the screen and click on “Manage your Google account”.
- Click on “Security” on the left side of the screen.
- On the right, scroll down until you see “2-Step Verification” and click on it to enable two-factor authentication.
- In that same section, you will also see “Backup Codes”. Print out a copy of this as it will give you a sheet of 10 single use codes as a form of “Get out jail free” in case you lose access to your phone or authentication app.
- Once you’re done enabling 2FA and printing a copy of your backup codes, go back to the security section of your Google account.
- You will see an option called “App Password”. Click on it and enter your Google password.
- Click “Select App” and select an option from the drop-down menu. The same goes for “Select device”.
- When you’re done, click “Generate” and you’ll get a nice random password. Copy it and paste (or type) it into your email client.
Your e-mail program should be able to send and receive e-mails again.