How to Revoke an Application Password for Gmail

Using 2-Step Verification

7993445733_d6215f9789_o-Matthias-Penke-Verkehrsschild-Durchfahrt-verboten-.jpg
Road sign: No Entry! [Verkehrsschild: Durchfahrt verboten!]. © Matthias Penke; CC BY-NC-ND 2.0 license

Holes in 2-Step Authentication for Gmail

With 2-step authentication enabled to keep your Gmail account about as secure as it can get, you immediately pinched a hole into that protection in the form of an application-specific password so your favorite email program could access mail and folders through IMAP (or just mail via POP).

The hole is tiny, of course: it is a plain password, yes, but a password made up of random letters arranged without rhyme; it is a password that can be lost, alright, but the only place where it is kept is the email program (though it gets sent to Gmail whenever the program logs in); it is a teeny hole, admittedly, but every such password is a hole still.

Closing the Holes

The smaller the holes opened by passwords, the better. The fewer the holes in 2-step Gmail authentication security, the better. So, it is good to revoke any application-specific Gmail passwords as soon as you no longer use an application or device or, perhaps, no longer trust it to keep the password, your Gmail account and your mail secure.

Fortunately, deleting any application password is easy, as easy as generating it was, in Gmail. Revoking any application-specific password will not, of course, affect the other passwords you have generated for other applications.

Revoke an Application Password for Gmail (Using 2-Step Verification)

To delete an application-specific password generated to access your Gmail account through IMAP or POP and stop it from working:

  1. Click your avatar or name near the top right corner in Gmail.
  2. Follow the Account link.
  3. Go to the Security tab.
  4. Click Settings under 2-Step Verification in the Password section.
  1. If you are prompted for your password:
    1. Enter your Gmail password over Password.
    2. Click Sign in.
  2. Open the App-specific passwords tab.
  3. Now click Manage application-specific passwords.
  4. If you get a password prompt:
    1. Type your password over Password.
    2. Click Sing in or hit Enter.
  5. Click Revoke for the application-specific password you want to delete.
    Was this page helpful?