Setting up SMTP for sending emails through your application? If you’re using Gmail, you’ll need to enable App Passwords (especially if you have 2-Step Verification enabled). Follow these simple steps:
Note: You must have 2-Step Verification enabled to access App Passwords.
This is your new SMTP password. Use it with your full Gmail address when configuring email in your app.
You can always revisit the App Passwords page to:
You’re Done!
Your SMTP is now securely set up using Google’s recommended method. This helps keep your email communication reliable and protected.
Yes, Google still allows app passwords but they are a last resort for “less secure apps” and are only available for accounts with 2-Step Verification (2FA) enabled; they are unnecessary for most modern apps and are not recommended, as they don’t protect against all security risks. App passwords are 16-digit passcodes that grant specific apps or devices permission to access your Google Account and should be generated only when necessary and for a specific device or app.
1. How can I set up SMTP for sending emails through Gmail?
To set up SMTP in your application, use Gmail’s SMTP server: smtp.gmail.com
, Port 587
(TLS) or 465
(SSL), and enable authentication with your full Gmail address and an App Password.
2. What is an App Password in Gmail?
An App Password is a 16-character unique code that allows less secure apps or devices to access your Google account when 2-Step Verification is enabled.
3. How do I enable App Passwords in Gmail?
First, turn on 2-Step Verification in your Google Account’s Security settings. Then visit https://myaccount.google.com/apppasswords to generate a new App Password for your application.
4. Why can’t I find the App Passwords option in my Google Account?
If you can’t see the App Passwords option, it may be because your account doesn’t support it anymore. Google is phasing out App Passwords in favor of OAuth-based authentication.
5. Does Google still allow App Passwords in 2025?
As of 2025, Google has largely discontinued new App Passwords for accounts with 2-Step Verification. Older App Passwords may still function temporarily for legacy systems.
6. What should I use instead of App Passwords?
Google now recommends using OAuth 2.0 authentication, a more secure and modern method for connecting third-party apps to your Gmail or other Google services.
7. Can I revoke or manage existing App Passwords?
Yes. Visit your Google Account’s App Passwords page to revoke, track, or generate new passwords for specific apps whenever needed.
8. Is it safe to use App Passwords for SMTP in 2025?
App Passwords still work for some existing setups but are not recommended for new integrations. OAuth-based sign-in provides better security and compliance with Google’s updated policies.
9. What happens if I don’t update from App Passwords to OAuth?
Older integrations using App Passwords may stop working when Google fully removes the feature. Updating to OAuth ensures uninterrupted and secure email delivery.