Allowing Desktop Email Programs Access to Gmail

Using Basic Password Authentication

Data security, conceptual artwork

Gmail offers email programs and add-ons access to your messages, labels, contacts and more in most secure a manner using OAuth. With this method of logging in, the email client never gets nor can it store or leak your password, access can be revoked for individual utilities easily at any time, or restricted to certain data for specific uses and add-ins.

Gmail also offers email programs access via POP and by IMAP using traditional plain-text password authentication (and using application-specific passwords with two-step authentication). This is inherently less secure; you have to give your password to the email program (which may store it in a fashion that allows hackers to access it, though most programs do take care to securely save passwords, of course); your password may be sent over the internet in plain text (which allows for password snooping); you can only change that password to lock out one program (which locks out all others using the password, too, though that does not necessarily apply to application-specify passwords); and you cannot control access more finely tuned to what data any individual client actually needs.

So, Google may turn off access via IMAP or POP by password alone to help secure your account. Then, you may find your email program suddenly "unable to connect to Gmail" (, or You are not restricted to just email utilities and apps using OAuth. Aware of the risks involved, you can still enable basic password-authenticated POP and IMAP access to your Gmail account -- two-factor authentication recommended.

Allow Desktop Email Programs Access to Gmail (Basic Authentication)

To make sure desktop and mobile email programs can connect to a Gmail account using IMAP or POP and basic authentication:

  • Click your avatar near Gmail's top right corner.
  • Follow the Account link in the sheet that has appeared.
  • Go to the Security category.
  • Click Settings under Less secure apps in the Account permissions section.
  • Make sure Enable is selected under Access for less secure apps.