Can I use my Gmail password alone to connect to the investor matching service? Why do I need an App Password to use Gmail with Investor matching?
No. Google no longer allows Gmail accounts without Two-Factor Authentication (2FA) to work reliably with third-party applications or servers using SMTP/IMAP. Even if you only want to use your password, Google enforces additional security measures that prevent consistent access without 2FA.
Why This Happens
-
Different login flows: Google treats browser logins and app/server logins differently. Logging in through a browser may sometimes work with just a password, but connecting via SMTP/IMAP (the method most apps and services use) is restricted.
-
Random security checks: For accounts without 2FA, Google enforces what can be thought of as “semi-2FA.” This means if Google detects a login attempt from a new device, location, or service, it will require extra confirmation through a backup email, phone, or device.
-
App passwords require 2FA: To use app-specific passwords (the standard way to securely connect Gmail to third-party services), the Google account must be enrolled in 2FA. Without it, app-passwords are not available.
-
Deprecation of “less secure apps” option: Google recently removed the setting that previously allowed non-2FA logins for third-party apps. This means there is no longer a supported way to use Gmail without 2FA on external services.
What This Means for You
If you want to use Gmail with our Investor Matching service (or any third-party app/server):
-
You must enable 2FA on your Google account.
-
Once 2FA is active, you can create an App Password within your Google account settings.
-
This App Password (not your main Gmail password) is what you’ll use to connect your Gmail account to the service.
Without following these steps, Gmail will not allow consistent connections, and your emails may fail to send or sync.