I started seeing a lot of Gmail users asking for help because Outlook stopped syncing. It was perplexing until one client wanted me to fix it for him. While I was looking at his computer, he told me Google sent him an email because someone tried to connect to his account and the email included a list of steps to take to insure the account was secure. He went through the steps and made the changes they suggested. One of the steps was to turn off the allow less secure apps options, which he did. (The "someone" turned out to be himself while using a hotspot.)
Other people said Google sent them an email recommending a security checkup or saying they were using less secure apps or and they took Google's advice to disable less secure apps.
Unfortunately, when less secure apps are not allowed, Outlook can't connect to Gmail servers, unless you also enable two-factor authorization then use an app password in Outlook. (The app password is a one-time use password that can be voided if you suspect it is compromised, without affecting your “real” password.)
My recommendation is to turn off less secure apps and enable two-factor auth. In Gmail's implementation, you'll receive a code by text message to enter when the second authorization screen comes up. If you use an application, such as Outlook, that does not yet support the second authorization, you'll need to use an app password.
To check or change your settings, sign in to Gmail then open your Google account settings. If two-factor authentication is not enabled, the option to allow less secure apps is at the end of the page.
If you enable two-factor authentication, you'll create new app passwords at App passwords. Gmail allows you to revoke individual app passwords, which you can do by clicking the trash can icon to the right of the device name.
In my experience with Gmail, their implememation of two-factor authorization is not annoying at all and retains the authorization. It doesn't request re-authorization often, which makes using an app password fairly painless. If you use public hotspots, you should enable two-factor.
If you choose to allow less secure apps, is it really insecure? No, it's just not as secure as using the newer OAuth protocol to login. Less secure apps use plain username/password authentication to access an account instead of OAuth 2.0. The username password should be transferred in a secure channel but there may be points where a sniffer could pick it up.
More Information
Gmail in Outlook: unable to connect to email
"Less Secure Login Warnings"
It is irritating that Google think Outlook is insecure and something they do on purpose to annoy everybody not thinking that Google should be allowed to have all info from everybody in order to fill their own pockets.
I am not a technical person and all of this is confusing to me. Is there a simpler "Dummies" version to do this? Thank you
Probably not... Start with logging into your google profile at https://myaccount.google.com/security#signin. You can either allow less secure apps or enable 2 factor auth and create an app password to use in outlook.
Thanks a million for posting this assistance. You are a lifesaver.
Thanks, this article helped a lot. You may want to mention that if you enable two factor authentication in Google, Google automatically removes the option to turn on "Less Secure App Access."
No need to do this anymore since last Outlook 365 update last night.
:-D
Oh, good... I've been waiting for this.
"No need to do this..." ... what this ?
I have a Gmail-imap account in Outlook 365.
Today I try to pass my Gmail account from "Less Secure" to "Secure".
You can´t avoid 2 steps:
First implement 2-Step Validation, receiving a message in smartphone when you sign in Gmail.
Second and only after that first step, get a 16 digits code to change your PW in Outlook/Gmail.
It's such a confusing procedure and forcing 2 validation steps, that I, like most users, have returned to the "less secure" gmail account.
If you know a simple way of having a "secure" account Gmail-Imap in Outlook, please tell us.
Those are the choices: less secure or two step. Depending on your outlook version, it will either ask for the 2nd step or you need to use an app password. In my experience, gmail is pretty good with 2-step - once the account is set up, you don't need to respond with the second factor or reenter the app password. On the other hand, less secure isn't that much less secure, especially if you don't use public wifi.
Thanks Diane for this. Even after I've enabled less secure apps in Google, it still won't allow me to connect from Outlook. I get an error message in Outlook saying "Your server does not support the connection encryption type you have specified".
I've been trying all day on this. Any more ideas please? :)
Thanks!
Sorry I missed this earlier - did you ever get it working?
Thank you so much for posting this - I was going crazy and Microsoft offers zero support for the issue (unless you pay!) Appreciate it.
I have been fighting with this problem for the last few day.
Nowhere did I find an explanation that could help me.
Till I find it here.
Maybe I looked at the wrong links before?