/mail/community?hl=en
This content is likely not relevant anymore. Try searching or browse recent questions.
POP access to Gmail without LSA 3 Recommended Answers 13 Replies 19 Upvotes
1 Update
$0 Updates
1 Recommended Answer
$0 Recommended Answers
1 Relevant Answer
$0 Relevant Answers
3
For accounts protected by 2-factor authentication, which stand-alone Windows email clients are able to access Gmail via POP3 using OAuth, without taking the risk of enabling Less-Secure Apps access and enabling app-specific passwords?

In other words, which email clients are able to connect to pop.gmail.com using OAuth authentication?  Outlook 2016 for Windows is able to connect to imap.gmail.com using OAuth with 2FA, but not to pop.gmail.com. What about Outlook 2019? Thunderbird? Others?

(I know the official way of accessing Gmail accounts protected by 2FA from Outlook and other, older clients via POP3 is to enable LSA access and to set up an app-specific password. but app-specific passwords raise potential security risks. With that option slated to be turned off in the not-too-distant future for some Gmail accounts anyway, are there other clients that can access Gmail via POP3 with full OAuth/2FA authentication? IMAP is not an attractive option here.)
Relevant Answer Relevant Answers (0)
All Replies (13)
Relevant Answer
Hi Jon, there has been no announcement that App Specific Passwords are to be ceased.  In fact that is the current solution offered for use when Less Secure Apps access is turned off.  These two are not available together.

I do not know of any support for POP with 2FA for Gmail.
marked this as an answer
Relevant Answer
@KeithR, here is the announcement, below.

@bkennelly, thank you for the definitive response. I'm confused about your "one other clarification," though. I'm confused about the distinction between 2FA, LSA, OAuth, and password-based accounts. Can you please reconcile your response with Google's announcement? If I turn off 2FA, will I still be able to use Outlook to access my gmail account via POP? If the whole point of Google enforcing OAuth is to increase security, then how can giving users no choice besides turning off 2FA increase security?



marked this as an answer
Relevant Answer
Google have not clarified what will happen with POP access.  They may discontinue POP3 support, they may add OAuth2 authentication or they may continue to support App Passwords.  The only thing that is certain is that access for "less secure apps" will be turned off. 
 
The announcement states that OAuth will be required and that plain password authentication will be disabled, but only goes into detail about disabling LSA. That leaves the 2SV/App Password solution unexplained.  2SV with an App Password is almost as secure as OAuth2 (An App Password is a sort of "poor man's" OAuth token, because it is pseudo-random and requires higher authentication to generate.)
 
There appear to be three possibilities for the future:
  • POP3 access will gain OAuth2
  • POP3 access will be allowed with App Passwords
  • POP3 access will be discontinued.
 
marked this as an answer
Relevant Answer
Hi Nate, if you had read the whole topic, you would have seen that this was a misunderstanding.  Administrators of G Suite accounts have been advised that Access for Less Secure Apps will be removed from settings from August 2020 and disabled completely from February 2021.  App Specific Passwords will continue to be available.

There has not been any announcement about gmail.com accounts.
marked this as an answer
This question is locked and replying has been disabled.
Discard post? You will lose what you have written so far.
Write a reply
10 characters required
Failed to attach file, click here to try again.
Discard post?
You will lose what you have written so far.
Personal information found

We found the following personal information in your message:

This information will be visible to anyone who visits or subscribes to notifications for this post. Are you sure you want to continue?

A problem occurred. Please try again.
Create Reply
Edit Reply
Delete post?
This will remove the reply from the Answers section.
Notifications are off
Your notifications are currently off and you won't receive subscription updates. To turn them on, go to Notifications preferences on your Profile page.
Report abuse
Google takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Go to the Legal Help page to request content changes for legal reasons.

Reported post for abuse
Unable to send report.
Report post
What type of post are you reporting?
Google takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Go to the Legal Help page to request content changes for legal reasons.

Reported post for abuse
Unable to send report.
This reply is no longer available.
/mail/threads
//accounts.google.com/ServiceLogin
You'll receive email notifications for new posts at
Unable to delete question.
Unable to update vote.
Unable to update subscription.
You have been unsubscribed
Deleted
Unable to delete reply.
Removed from Answers
Removed from Updates
Marked as Recommended Answer
Marked as Update
Removed recommendation
Undo
Unable to update reply.
Unable to update vote.
Thank you. Your response was recorded.
Unable to undo vote.
Thank you. This reply will now display in the answers section.
Link copied
Locked
Unlocked
Unable to lock
Unable to unlock
Pinned
Unpinned
Unable to pin
Unable to unpin
Marked
Unmarked
Unable to mark
Reported as off topic
Known Issue
Fixed
Marked Fixed
Unmarked Fixed
Unable to mark fixed
Unable to unmark fixed
/profile/0