Outlook and 2-Step Verification for Gmail accounts
With Google moving away from Basic Authentication and recommending to use OAuth instead, I want to enable 2-Step Verification for my Google account to increase security.
How do I best approach this and what changes do I need to make in Outlook to keep receiving my emails?
Outlook 2016, Outlook 2019 and Outlook for Office 365 offer native support for OAuth and 2-Step Verification for Gmail accounts.
For Outlook 2016 (msi, Volume License), Outlook 2013 and previous versions, you’ll need to use an App-Specific Password which you can create on the Google Account website.
This is similar to the process of enabling Two-Step Authentication for Outlook.com accounts.
Step 1: Enable 2-Step Verification
First, enable 2-Step Verification for your Google Accounts:
- Logon to Google and open your Account Settings page. This can be done by visiting: https://myaccount.google.com
- From the Navigation Pane on the left, click on: Security.
In the “Signing in to Google” section, click on: 2-Step Verification.
This direct link should also take you there.
Google Account Security - Currently 2-Step Verification is off.- On the introduction page, click on the “Get Started” button.
- Provide your password when prompted.
- Enter a phone number on which you want to receive the verification codes.
In a later stage, you can safe-list trusted computers and also install an App so you won’t have to deal with SMS messages to log on each time. Enter your received verification code.
Confirm that you want to enable 2-step verification for your account.
Step 2: Office 365, Outlook 2019 and Outlook 2016; SMS or Authenticator verification
When you are using Office 365, Outlook 2016 (excluding the msi-version) or Outlook 2019, you can continue to use your regular password and Outlook will prompt you for additional verification. The same applies to the Outlook app for iOS and Android.
Provide your Gmail email address.
Authentication verification step 1: Enter your password.
Authentication verification step 2: Enter a code obtained via an SMS text, the Authenticator app (see Step 3 below) or a Google prompt on your phone.
One time only; Allow “Microsoft apps & services” to access your Gmail account to manage it in Outlook.
Step 2: Outlook 2016 (msi) and previous versions; Get an App password for Outlook
Now that you have enabled 2-Step Verification for your Gmail account, you’ll start getting Send/Receive errors and/or password prompts in Outlook.
As mentioned before, you’ll need to generate a special “App password” for Outlook instead of trying to logon with your current Gmail password.
Go back to the Security page for your Google Account and click on the “App passwords” link in the “Signing in to Google section”.
Google Account Security - Currently 2-Step Verification is on.- Provide your password and verification when prompted.
- Optionally, you can enable the “Don’t ask again on this computer” option.
- Use the “Select app” dropdown lists to select: Other (Custom name)
- Type: Outlook.
- Click the Generate button.
Copy the obtained password code.
Note that the app password doesn’t actually contain spaces, the separators between the code blocks are just to improve readability.- Go to Outlook and paste or type the obtained app password when being prompted for your password.
You can also do it directly via your Account Settings.- Outlook 2007
Tools-> Account Settings…-> double click on your Gmail account - Outlook 2010, Outlook 2013 and Outlook 2016 (msi)
File-> Account Settings-> Account Settings…-> double click on your Gmail account
- Outlook 2007
- Once you’ve updated your password, Outlook will be able to connect to Gmail again with 2-Step Verification enabled for your account.
Optional Step 3: Get codes via a mobile app instead
Rather than using SMS message to receive verifications codes, you might want to use an App to generate these verification codes instead or enable “Google prompt”.
- Go back to the Security page for your Google Account and click on the “2-Step Verification” link in the “Signing in to Google section”.
- Provide your password and verification when prompted.
- In the Authenticator app section, click on the “Set up” link.
Select your smartphone type.
- Install the Google Authenticator app on your phone.
If you already have the Microsoft Authenticator app (available for iOS and Android) installed, you can use that too. - Open the app and when adding the account, use the camera of your phone to scan the barcode and add the account without needing to type anything.
- On the webpage, enter the generated verification code on your phone to complete the app configuration process.