Using Gmail with Outlook or Emailing Scans from Multifunction Devices
Gmail accounts, by default, can only be logged-in via the web or using OAuth. However, if “legacy” support is required, such as accessing IMAP/POP via Microsoft Outlook or sending scans from a multifunction device which only supports plain password logins via authenticated SMTP, there was previously an option to enable “Less Secure Access”. However this option was deprecated in May 2022 and any apps or devices that require it will fail to connect.
The remedy is to use App Passwords, which are randomly-generated passwords intended for single use.
- Enable two-step authentication on the account from https://myaccount.google.com/signinoptions/two-step-verification/enroll-welcome.
- Once this is done, you will have access to App Passwords: https://myaccount.google.com/apppasswords:
- Choose an app name from the list and enter a description and click Generate. Google will generate a password, which is presented as four 4-character strings but is actually a single 16-character string.
- Update the email client or multifunction device to use this password instead of the account's main password.
This technique also makes it easier to delink retired devices as the single App Password can be deleted, rather than requiring a password change on the main account. The app password only allows access to email data, and can't be used to log into the full account. Thus the account is protected strongly with two-factor authentication while allowing legacy access.