Gmail App Password: Step-by-step configuration

Gmail App Password: Step-by-step configuration for secure email sending

To ensure secure and stable email sending via Gmail using third-party applications like Postigo, it is recommended to use an App Password instead of your main Google account password. This is especially important if you use two-factor authentication (2FA) in Google, as the standard password may not work with SMTP servers in this case.

An App Password is a 16-digit password that grants an application access to your Google account without revealing your main password. In case of compromise, an App Password can be easily revoked without affecting the security of your main account.

Step 1: Enable Two-Factor Authentication (2FA) in your Google Account

Before generating an App Password, you need to enable two-factor authentication in your Google account. This is a prerequisite for using App Passwords. If 2FA is already enabled, proceed to the next step.

1. Sign in to your Google account: myaccount.google.com
2. In the left menu, select "Security".
3. In the "How you sign in to Google" section, find "2-Step Verification" and click on it.
4. Follow the on-screen instructions to set up two-factor authentication. You will need to provide a phone number to receive verification codes.

Enabling 2FA significantly increases the security of your account, reducing the likelihood of unauthorized access by 99.9% (according to Google).

Step 2: Go to the "App Passwords" section

After enabling 2FA, you can generate an App Password.

1. Go to the "Security" section in your Google account again: myaccount.google.com
2. In the "How you sign in to Google" section, find "App Passwords" and click on it. If you do not see this item, make sure 2FA is enabled.
3. You may need to re-enter your Google account password for verification.

Important: If you use Google Workspace (formerly G Suite), your organization's administrator may have disabled the use of App Passwords. In this case, you will need to contact your administrator for permission or use another authentication method.

Step 3: Generate an App Password

1. In the "App Passwords" section, select "Select app" and specify "Other (Custom name)".
2. Enter the application name. For example, "Postigo".
3. Click "Generate".

Google will generate a 16-digit App Password. Be sure to copy this password and save it in a safe place. You will only see it once. If you lose it, you will have to generate a new App Password.

Example: Screenshot of App Password generation in Google Account

Step 4: Use the App Password in Postigo

Now that you have an App Password, you can use it instead of your regular Google account password in Postigo.

1. Log in to your Postigo account.
2. Go to the SMTP settings section (usually located in the "Settings" or "Accounts" section).
3. Enter the following data:
   • SMTP Server: smtp.gmail.com
   • SMTP Port: 587 (for STARTTLS) or 465 (for SSL)
   • Username: Your full Gmail email address (e.g., [email protected])
   • Password: Paste the generated App Password.
   • Encryption Type: STARTTLS or SSL (depending on the port used). It is recommended to use STARTTLS on port 587.
4. Save the settings.

After saving the settings, Postigo should successfully connect to your Gmail account and send emails via the Google SMTP server.

Example SMTP configuration in Postigo:

SMTP Server: smtp.gmail.com
SMTP Port: 587
Username: [email protected]
Password:  [Your 16-digit App Password]
Encryption: STARTTLS

Important: Make sure you have entered all the data correctly, especially the App Password. Errors in the settings can lead to problems with sending emails.

Additional Recommendations

• Regularly check your SMTP settings. Changes in Google or Postigo policies may require updating the settings.
• Use email account warm-up. This is especially important for new accounts or accounts with a low sender rating. Warming up will help improve your domain reputation and avoid being marked as spam.
• Configure SPF, DKIM, and DMARC. These DNS records help verify the authenticity of your emails and improve deliverability. Incorrect SPF, DKIM, and DMARC settings can cause up to 30% of your emails to end up in spam.
• Use spintax for content randomization: Spintax allows you to create multiple variations of the same email, which helps avoid spam filters.
• Analyze email campaign metrics. Track open rates, click-through rates, and unsubscribe rates to optimize your campaigns and improve deliverability.

Using an App Password in Gmail is an important step in ensuring the security and reliability of your email marketing activities. By following these instructions, you can configure Postigo to work with Gmail and send emails safely and effectively.