Gmail User Guide: How To Enable Less Secure App Access (And Why You Might Want To)

Being Google's premiere email service, Gmail has plenty of useful features like built-in translation and the glorious Unsubscribe button that slowly whittles down the spam coming to your inbox. But a feature that has one foot out the door is the ability to give less secure apps access to your Gmail, at least for certain accounts. Google put its G Suite less secure apps policy changes on hold in 2020, but those changes are finally going into effect in the Fall of 2024.

For those who don't know, "less secure apps" is a general term that Google uses for third-party apps or devices that only need you to enter your username and password to sign in. Because they don't require Google's authenticator to log in, the company deems these apps and devices as security risks, particularly for Google Workplace accounts, hence the name. Starting in Fall 2024, Workplace will no longer support signing into a Gmail account on less secure apps, but is that a bad thing?

While it's certainly easier for hackers to get access to your accounts if you don't use an authenticator, which is why you should always enable 2-factor authentication, not all less secure apps pose a threat. Many non-Google email, contacts, and calendar apps are technically less secure, especially those running older versions of iOS and Microsoft Outlook. So, if you still want to access your Gmail on those apps, there is still a way to do so.

To be fair, there aren't many less secure apps out there, but you can still bypass the policy change if you really want to. Unfortunately, it isn't as easy as turning on a setting. Instead, you need to take the more secure route of setting up an app password. Essentially, Google will generate a random password, which you can then use to sign into your Gmail account on another app. This sign-in method doesn't require an authenticator, but you won't be able to use your own password.

Here's how to do it:

1. Open a web browser and sign into your Google Account.
2. On the account page, navigate to Security.
3. Under How you sign in to Google, click 2-Step Verification.
4. Click App passwords at the bottom, or visit the App passwords page directly.
5. Enter a name to help you remember what app the password is for
6. Click Create

Now, use the app or device you want to use to log in and enter this new, generated password as an alternative to your Gmail password. Just know that you won't be able to see this password again, but you generally only need to enter the app password once per app or device, so you won't have to memorize it. App passwords are only available on personal Gmail accounts that have 2-Step Verification set up and don't have Advanced Protection enabled. Afterward, you'll still be able to sign in to less secure apps with your Gmail, but the app password adds a degree of security that a standard username-password sign-in is missing.

This process is a lot similar on an iPhone or Android. In fact, it's practically the same one. In order to get access to your Gmail on less secure apps, you will still need to create an app password, but this time, it will be through the Google app instead of an internet browser.

Regardless, for all you smartphone warriors out there, follow these steps to create app passwords on your smartphone:

1. Download and open the Google app (not the Home, TV, or Maps apps)
2. Tap your profile icon in the top right corner.
3. Select Manage your Google Account.
4. Tap Security from the top categories. You may need to slightly scroll to the right to find it.
5. Under How you sign in to Google, tap 2-Step Verification.
6. Enter your password.
7. Scroll to the bottom of the page and select App passwords.
8. Enter the app name.
9. Tap Create.

If, for example, you want to sign in to Apple's Mail app, open the app and replace your regular password with the generated one. From there, you should be able to sign in without needing an authenticator, so less secure apps will be available to you. It's also worth noting that while you can't see your previously generated app passwords again, you can create as many as you need.