How to Create a Gmail Application Specific Password for POP/IMAP

With 2-Step Verification Enabled

9415848746_4c13527434_o-Lulu-Hoeller-Incorrect-Passwords-.jpg
Incorrect Passwords. © Lulu Hoeller; CC BY 2.0 license
Updated May 14, 2017

If you have 2-step authentication enabled for a Gmail account, you need to create an application-specific password to connect an email program through POP or iMAP.

Cannot Get Your Email Program to Connect to Gmail?

For your Gmail account to be secure and your emails to be safe, 2-step authentication with its combination of password and code generated on or sent to your phone is priceless. Unfortunately, many an email program and some email services and add-ons do not know how to connect to a Gmail account locked with 2-step authentication.

All they understand are passwords.

Gmail 2-Step Authentication and Simple Passwords

Fortunately, you can make Gmail understand passwords, too: you can easily have Gmail generate individual and random passwords for use in one email program each. You do not get to pick the password, you should not write it down or remember it, and you only see it once—so you enter it in the email program, which will, let us hope, keep it safe.

You do, though, get to revoke each password so generated for an individual application at any time. If you no longer trust an application or have stopped using it, do delete the password to reduce the count of potential targets for successful guessing by 1.

Create a Gmail Application Specific Password to Use POP or IMAP Access (2-Step Verification Enabled)

To generate a new password for an email program, utility or add-on to access your Gmail account through IMAP or POP with 2-step authentication otherwise enforced:

  1. Click your name or photo near your Gmail inbox's top right corner.
  2. Follow the My Account link in the sheet that has appeared.
  3. Click Signing in to Google under Sign-in & security.
  4. Click Settings under 2-Step Verification in the Password section.
  5. Now click App passwords under Password & sign-in method.
  6. If prompted for your Gmail password, enter your password over Enter your password and click NEXT.
  1. Make sure Mail or Other (custom name) is selected in the Select app ▾ drop-down menu.

    If you selected Mail, choose a computer or device from the Select device ▾ menu.

    If you selected Other (custom name), type the application or add-on and, optionally, device (like "Mozilla Thunderbird on my Linux laptop") over e.g. YouTube on my Xbox.
  2. Click GENERATE.
  3. Find and immediately use the password under Your app password for your device.

    Important: Do type or copy and paste the password into the email program right away, Gmail add-on or service immediately. You will not see it again.

    Tips: You can always generate a new password, of course; make sure you revoke passwords previously set up but no longer used for the same application.
    Use the password specifically and only for that email application, service or add-on.
    You can revoke any application-specific Gmail password without affecting passwords set up for other applications.
  4. Click DONE.