Sign in using application-specific passwords

The codes that you’ll get with 2-Step Verification don’t work with all applications. There are a few applications that use information from your Google Account that require application-specific passwords (ASPs).

Using application-specific passwords

Examples of devices and applications that use ASPs include: Email clients such as Outlook, Apple Mail and Thunderbird, and Gmail and Google Calendar on your phone. Below are two examples of what you might see when using an application that requires an ASP.

Apple Mail

Soon after you turn on 2-Step Verification, you'll be alerted that your password is no longer working (see image below). Enter an application-specific password that you generated in the "Password" field (1). If you want Mail to store your password for future sign in, you can click the box next to "Remember this password on my keychain" (2).

application-specific password Mail example

Android (versions 2.3 and below)

Soon after you turn on 2-Step Verification, you'll be alerted that your password is no longer working (see image below). Enter an ASP that you generated in the "Password" field (1).

application-specific password Android example

How to generate an application-specific password

  1. Visit your Google Account settings page.
  2. At the top, click Security.
  3. In the 2-Step Verification box, click Settings.
  4. Click the tab for App-specific passwords.
  5. Click Manage your application specific passwords.
  6. Under the Application-specific passwords section, enter a descriptive name for the application (label 1) you want to authorize, such as "AdWords Editor – Desktop," then click “Generate application-specific password" (label 2). Application Specific Passwords Google Account

    You'll then see the ASP you just created (3). You'll also see the name you wrote in for the device (4) and a link to Revoke (5) -- or cancel -- the code.

    generated application-specific password

    Once you click Done, you’ll never see that application-specific code again. But don't panic: You can generate a new one whenever you’re prompted for an ASP by a non-browser device or application -- even a device or application you’ve authorized before.

  7. When you sign in to an application requiring an ASP, enter your ASP in the password field, and make sure you check the "Remember password" option if you want the application to remember the code.