This past week, Google announced their annual Security Checkup. The offer boasted an extra 2GB of free Google Drive storage for completing a yearly security checkup. All that was required was for you to sign into your Google account and review your security settings. Sounds simple, right?

While the process may have been painless, some of the implications of modifying your security settings could leave you without being able to login your GMail from a number of desktop, tablet, or mobile devices. Examples of some commonly affected devices include:

  • Email app on iPhone or iPad with iOS6 or below
  • Email app on Windows Phone versions prior to 8.1
  • 3rd party email apps on Android devices
  • Microsoft Outlook
  • Mozilla Thunderbird

So What Broke?

Well, there’s a setting page called Allow less secure apps that was part of your yearly checkup. You may have accidentally clicked on the option to “Turn off” access for less secure apps without knowing it’s implications. After all, who doesn’t want to increase their security?

By turning off this setting, you increased the security level of your account. That’s great!

What’s not so great is if you actually had applications using less secure methods of login authentication with Google. If you did, you likely started receiving a “Password Incorrect” error message or similar from your mail client. You may have also received an email from Google with a subject line of “Sign-in attempt prevented” that looks like this:

GMail sign in attempt prevented

The root cause of this error is that the mail application(s) you are using are likely still authenticating with google via Basic Authentication.

Basic Authentication is a rudimentary form of login authentication which does not securely encrypt your username and password when you login to your mail client. This is very bad. If you connect to a public network or WiFi, somebody with a few basic networking tools can packet sniff your wireless communications and steal your login information in plaintext! It’s the same type of error you may receive when you

What’s the Fix?

The recommended fix is that you need to adjust your mail settings within your offending mail client(s) to authenticate with Google over SSL and/or TLS. The settings you will need to verify and adjust within your offending mail clients are as follows:

GMail Setting Correct Value
SMTP server address smtp.gmail.com
SMTP username Your full email address (e.g. yourusername@gmail.com)
SMTP password Your Gmail password
SMTP port 587
SMTP port (SSL) 465
SMTP TLS/SSL required yes

If you really need your email fast, the quick fix is to log in to your Google Apps account, navigate to Allow less secure apps, and turn on access for less secure apps. Unfortunately, this is not a safe option and we do not recommend it.

Thank you Google

Google deserves a huge thank you for their yearly security checkup. They’re doing the general public a huge favor by offering security features which keep your accounts and passwords safe. If you get a chance, please login to your account and verify that you have turned off allowing less secure apps. It’s well worth your time to fix your mail clients to keep your passwords and email secure.

Have a crazy idea or business and want to share it with the world online? Or perhaps you're a business professional that wants to build your online presence for personal branding. POP can help! Get your own domain name, custom email, and one page landing page in minutes. Who knew starting a website could be so easy! No technical skills required.

Get your very own domain, email, and webpage

Share this post on Tweet about this on TwitterShare on FacebookShare on Google+Share on TumblrShare on LinkedInShare on RedditDigg thisBuffer this page