I have Outlook and can no longer connect to Gmail

Topic

New Reply

If you are seeing this you aren’t alone. Gmail made a security change and clearly didn’t communicate well about it. I’m reposting a solution posted by
[See the full post at: I have Outlook and can no longer connect to Gmail]

Susan Bradley Patch Lady

4 users thanked author for this post.

Mr. Austin, Sueska, Ben D, lmacri

Reply | Quote

Replies

Note I added a PS that I’d really wish you’d move to a newer version, but I’m also a realist.

Susan Bradley Patch Lady

Reply | Quote

I use Thunderbird to view my Gmail. I can also link my Outlook 365 to Thunderbird but I don’t

Reply | Quote

I also use Thunderbird to access Gmail.  No two factor authorization is required, but I did have to change my authorization method to OAuth2.

Bill

Reply | Quote

Unfortunately, the older versions of Outlook (prior to 2019) don’t support OAuth2 so you’ll either need to use the workaround Susan posted in the full article or, as Susan suggested, move to a newer version of Outlook or switch to a different mail app (BTDT and it was not fun! )

BTW, I also use Thunderbird and enabled OAuth2 back in March when I first got the notice Gmail was removing the “Access to less secure apps” option.

1 user thanked author for this post.

BobbyB

Reply | Quote

I use the email preview app Mailwasher Pro so I see what I receive in the 2 dozen email addresses I have.  Gmail doesn’t work anymore for that with the 2 step-verification.  I followed both Gmail & Mailwasher’s instructions but still no success.

Custom Build - Intel i5 9400 5 Core CPU & ASUS TUF Z390 Plus Motherboard
Edition Windows 10 Home
Version 22H2
OS build 19045.2965

Reply | Quote

I’d echo Susan’s comments re: don’t be hooked on Outlook.

I was forced to use Outlook with Microsoft Exchange Server at my employer’s. (I’m now retired.)  I was a Windows 7 Desktop Admin, and I utterly hated Outlook.  Reasons:

1. Emails are stored in .PST files — database files which ultimately become corrupted, and have to be periodically fixed with SCANPST.EXE.  There is a practical upper limit to PST file size.

2, Outlook with Exchange Server uses an X.400 directory instead of regular SMTP addresses.  In a heterogeneous world (Outlook / non-Outlook) the SMTP addressees can’t reply/all to the X.400 addressees.

3. Searching within emails.  Instead of having easily identified fields (To, From, CC, Body, etc.) to search on, Outlook allows you to search on “well-known fields” and other obscure criteria.  Nowhere are these terms defined.

I use Thunderbird (and sync calendars via Google Calendar).  It has none of these problems.

OK, that’s my rant.

Reply | Quote

@Tem –

I’m in the same situation retirement-wise.  I use Outlook and Office because my employer only charged $25 for a copy of Office 2013 with 5 installs.  Now I’m retired and when I get my next PC and Windows 11 I doubt I will be spending the money on Office PC (I refuse to subscribe to 365).  That leaves OpenOffice, OpenLibre and for email Mozilla Thunderbird, and the Susan recommended Em Client which I have never heard of.  I am going have to do some research.

Custom Build - Intel i5 9400 5 Core CPU & ASUS TUF Z390 Plus Motherboard
Edition Windows 10 Home
Version 22H2
OS build 19045.2965

Reply | Quote

@Blueboy714 I am in the same position as you – on Outlook 2010 which I like because of ability to link calendar, contacts and email and its shortcuts, but I can’t justify MS’s subscription charges as a retiree.  My wife uses EMclient – put onto it by my son, and she likes it, but I have not explored whether it would do what I want.

Chris
Win 10 Pro x64 Group A

Reply | Quote

Play around with it.  It’s similar to thunderbird.  It’s searching engine is way better as well.

Susan Bradley Patch Lady

1 user thanked author for this post.

Chris B

Reply | Quote

$50, authentic, local machine, ‘permanent’ Microsoft Office client licenses are gettable. I’ve two of them and don’t depend on Office 365

1 user thanked author for this post.

ve2mrx

Reply | Quote

I was “out and about” last week and logged on to Gmail with Outlook 2019 for Mac and Google tried its darnedest to get me to set up 2FA which, of course, I didn’t.

Well they aren’t having my Cell Number as I have got my Junk calls and Texts down to an absolute minimum. Gmail was adamant and after a about 3-4 tries, restarted Win10 bootcamp Outlook 2019 and logged on straightaway for mail.

This was the first and never since, roaming, Home and Office, hope its not a portent of one more aspect of Google “Data slurping” to come.

Just logged on Today Mac and Win10 Outlook 2019 and no worries.

Reply | Quote

Susan….

ATT/Yahoo does have a “special app password” you can use in Outlook. They call it a Secure Mail Key.

Here’s a link on how to obtain the key:
https://www.att.com/support/article/email-support/KM1240308/

Reply | Quote

When you have a Pacbell account from EONS ago, it doesn’t exist.  I log in, and those options are not there.

Susan Bradley Patch Lady

Reply | Quote

Let me put it this way… when I hit this issue about a year ago I was told that my mail account was vintage and still on a mail server that couldn’t support secure mail key.  I may have to revisit but at the time, I couldn’t generate them.

Susan Bradley Patch Lady

Reply | Quote

Reading this, I can only picture a lonely server in a closet with a bunch of obsolete kit all over, lost somewhere in the basement of some building… Hopefully, it wasn’t walled-in! 😉

Martin

Reply | Quote

You could contact the Internet Archive about your ancient PacBell e-mail address and ask them to start an historical project reminiscing about that.

Many moons ago when my machines were muching on SETI@Home data, I’d the cool address of RadixMan@SoCA associated with it. PacBell was smart enough to give me an alternative to blahdehblah@pacbell.net.

Reply | Quote

Thank you so much. I’ve been pulling my hair for a couple of weeks trying to figure out what went “wrong” as I was unaware of the two-step authentication cutover at the end of May. I followed your instructions, held my breath, and whooray it worked! Thanks again.

Reply | Quote

Tem wrote:

I’d echo Susan’s comments re: don’t be hooked on Outlook.

I was forced to use Outlook with Microsoft Exchange Server at my employer’s. (I’m now retired.)  I was a Windows 7 Desktop Admin, and I utterly hated Outlook.  Reasons:

1. Emails are stored in .PST files — database files which ultimately become corrupted, and have to be periodically fixed with SCANPST.EXE.  There is a practical upper limit to PST file size.

2, Outlook with Exchange Server uses an X.400 directory instead of regular SMTP addresses.  In a heterogeneous world (Outlook / non-Outlook) the SMTP addressees can’t reply/all to the X.400 addressees.

3. Searching within emails.  Instead of having easily identified fields (To, From, CC, Body, etc.) to search on, Outlook allows you to search on “well-known fields” and other obscure criteria.  Nowhere are these terms defined.

I use Thunderbird (and sync calendars via Google Calendar).  It has none of these problems.

OK, that’s my rant.

What versions of Outlook and Exchange were you using? What you complain about was true once upon a time (Exchange 2000) but it’s not now and hasn’t been for a while. PST files may still be used for archive purposes, but the main message has long been an OST file which is essentially a local copy of the mailbox on the server. Like search has been much improved since you had to work with it. In short, it’s long been a full-text search for anything anywhere in the message (from, to, subject, message body, headers, etc.) I’m not sure if X400 is still in there (for compatibility sake) but it works using internet email addresses and so does Active Directory.

Reply | Quote

Help article on 3rd party apps and Gmail :

Google no longer allows username and passwords on third-party email applications

A couple of weeks ago, people started noticing that apps such as Outlook, Thunderbird, and other email clients started prompting them for their Google passwords. When they would re-enter their Google password, it would get rejected saying it was incorrect.

Google started locking down its email service and how it connects to third-party email clients, finally retiring “less secure apps”. When enabled, it allowed you to use your main Google email address and password to sign into an email client, weakening the overall security of your Google account.

You can still use Google on third-party apps, but the app must support either “OAuth2” (An authentication method that opens a dialog box allowing you to authenticate by signing into Google and allowing the application access to your Google account), or you must use an app-specific password…

1 user thanked author for this post.

lmacri

Reply | Quote

Susan, today you saved our light, fluffy biscuits with this article. We’ve a newish Gmail address which is very important to us, and I couldn’t get Outlook 2019 to authenticate with google’s published mail servers using the Google account’s password as I’d done in the past. So I read what you posted, and created the Google “generated” app password. When I set-up the account manually in Outlook 2019 using that password, it worked.

Reply | Quote

Since you’re using Outlook 2019, perhaps you might want to pursue using OAuth/2, which is a modern authentication standard that, I thought, Outlook 2019 fully supports.

That would eliminate the need for an app-specific password.

For those who use Outlook 2019, please feel free to throw pies, raw eggs or whatever else in the direction of this post if Outlook 2019 does NOT support OAuth/2 and you can show it in documentation from MS. I say this because I don’t use Outlook at all, I use another email program. My understanding that Outlook 2019 supports OAuth/2 comes from reading other posts about it here on Askwoody in the not too distant past (last month or two).

Reply | Quote

Alex5723 wrote:

Google no longer allows username and passwords on third-party email applications

This is an incredibly misleading statement/headline.   Yes, Google has made changes that require a different authentication process, but one still uses exactly the same username and password as “before”.

Reply | Quote

Bob99 wrote:

Since you’re using Outlook 2019, perhaps you might want to pursue using OAuth/2, which is a modern authentication standard that, I thought, Outlook 2019 fully supports.

That would eliminate the need for an app-specific password.

For those who use Outlook 2019, please feel free to throw pies, raw eggs or whatever else in the direction of this post if Outlook 2019 does NOT support OAuth/2 and you can show it in documentation from MS. I say this because I don’t use Outlook at all, I use another email program. My understanding that Outlook 2019 supports OAuth/2 comes from reading other posts about it here on Askwoody in the not too distant past (last month or two).

I can’t address Outlook 2019 directly, but Outlook 365 (the program) and Office 2021 do work very nicely if one uses the New account wizard in Outlook. Trying to add/update a Gmail setup directly does not give a working connection.

Reply | Quote

Bob99 wrote:

Since you’re using Outlook 2019, perhaps you might want to pursue using OAuth/2, which is a modern authentication standard that, I thought, Outlook 2019 fully supports. That would eliminate the need for an app-specific password.

Maybe. I’ll give it a think.

Here’s one reason why I might think about that… both Google and Microsoft exist to make great gobs of money for their owners and stockholders. They have long distinguished track records of being careless with their customers’ data and metadata. In this instance I’m writing about, Google has knowingly crippled one of my longstanding password strategies, by which I use dedicated 33-character, randomly-generated passwords, which have around 177-bit strength. Sometimes I use longer ones. When one sets up proper authentication handshakes and firewalls, that’s pretty good for many uses. Google’s Spring 2022 throwback ‘app generated’ password is 75-bits weak.

In my usual industry reading nearly two decades ago, script kiddies were figuring out how to hack 128-bit password hashes. So if I’m going to take any software provider seriously they’re going to have to show me their capability in providing 256-bit hashes. But Google obviously doesn’t care about that.

Reply | Quote

MHCLV941 wrote:

but one still uses exactly the same username and password as “before”.

Today I found, from experience, that seems untrue. To authenticate inside a formerly-working email client program, Google now insists that we couldn’t use a 177-bit hash password, but instead must use its own 75-bit hash. That’s a throwback to the security standards of 25 years ago.

Reply | Quote

It’s not an internet logon password.
It can’t be used on anything except that machine and with that mail app.

cheers, Paul

1 user thanked author for this post.

ve2mrx

Reply | Quote

Exactly. And this app password cannot be used to take over the account, can be disabled by the account owner easily and is used only in the app it was installed in.

Think of it as a rights-limited delegated account access that is limited to fetching and sending emails. If your workflow can’t tolerate this level of security, don’t use app passwords and find something that is recent enough to use Oath/2! It’s been out for a while now!

The goal is to eliminate the use of full-access account credentials to log into email that can be stolen and used in account take-over. The app password generated prevents this and isn’t peppered all over the place (used by one known app), limiting who has access to it (hopefully used over TLS!).

Sure, it is less secure, but it isn’t as much at risk as your account management password…

Martin

Reply | Quote

Mr. Austin wrote:

MHCLV941 wrote:

but one still uses exactly the same username and password as “before”.

Today I found, from experience, that seems untrue. To authenticate inside a formerly-working email client program, Google now insists that we couldn’t use a 177-bit hash password, but instead must use its own 75-bit hash. That’s a throwback to the security standards of 25 years ago.

I used a 16-character password with my Gmail account before Google forced its changes; I use the same 16-character password now. It worked perfectly before and works perfectly now.

I have seen password specifications that included minimum (and maximum) length; requirements for upper and lower case letters, digits and rules for special characters ranging from none whatsoever to a limited subset to anything on the keyboard. I have never seen a password specification that specified a hash of any length.

Reply | Quote

THANK YOU… so much for this info. Worked like a charm for Outlook 2013. Have many accounts and all are now available. HATE having to use their website and don’t need another ‘app’ running loose. You’re a mini-lifesaver.

Reply | Quote

It works (outlook 2010). Thanks allot Susan.You are great. You saved me from dealing with gmail…

Reply | Quote