How to Create App-Specific Passwords in Gmail

Access Google apps on devices that don't support 2FA

What To Know

  • Select your Profile icon > Manage Your Google Account > Security > App Passwords, choose an app and a device, then select Generate.
  • You can create and revoke app-specific passwords as you change the apps and devices you use.

This article explains how to generate app passwords in Gmail for your connected email clients (for example, Microsoft Outlook, Mozilla Thunderbird, and others).

Create a Gmail Application-Specific Password

To generate a new password for an email program to access your Gmail account through IMAP or POP with two-step authentication enabled:

  1. Select your profile icon in the upper-right corner of Gmail, then select Manage Google Account.

    Manage your Google Account in Gmail
  2. Select Security in the left sidebar.

    Security in Google Account settings
  3. Select App passwords under the Signing into Google section. You're then asked to confirm your Gmail login credentials.

    If you don't see App passwords as an option, you must first turn on 2-Step Verification for Gmail.

    App passwords in Google Account settings
  4. Under Select app, choose Mail or Other (Custom name), then select a device.

    Mail and Select a Device in Google App password settings
  5. Select Generate.

    Generate in Google App Passwords
  6. Your password appears in a new window. Follow the on-screen instructions to complete the process, then select Done.

    Done in Google App Passwords

    You will not see the password again, so type or paste the password into the email program immediately.

Manage App-Specific Passwords

If you need to create a new app-specific password for a program or service, go back to the App Passwords screen to delete the old password that you previously set up but no longer use for the same application.

Trach icon in Google App passwords

The value of an application-specific password is that you can revoke and regenerate a password on a service-by-service basis instead of changing the main password to your account. It's best practice to use an app-specific password only for a single service. You are free to generate as many app-specific passwords as you like.

Besides your Google account, you should set up two-factor authentication for your social media accounts.

Was this page helpful?