Sometimes a developer needs to send emails from Gmail or Google Workspace email account or mail server from their website or app. There are many benefits of doing so, including less spam and higher inbox delivery. In this situation, you need to activate the Google security feature – Less Secure Apps. I will show you how to do it easily. Normally it is a little confusing to achieve.
How to activate Less Secure Apps in Gmail ( or Google workspace)
- First, check whether the feature of activating “less secure app” is activated for your Gmail / Google workspace account.
- Login to your google account, if you are in the Gmail app then go to your accounts page.
- Click on the Security Tab and check if “Less Secure Apps Access” is available. If it’s not available then you need to contact your organization’s Google Workspace Admin and ask them to allow “less secure app access” for users in the organization.
Here is how it can be done.
4. Enable Less Secure Apps as shown below
5. Now you can exist the admin control panel of Google Workspace and login to the particular email account from which you want to send SMTP mails. Now, go to the security section of that account and turn on less secure app again for that account.
Security issues with using the Less Secure Apps method of sending emails.
Please understand that this proses a security risk. In most of the cases developers use this method to send emails from Google Email servers instead of your hosting servers SMTP system. Particularly, when someone is using a different hosting like GoDaddy, Hostgator, CynderHost, Bluehost etc and for email they are using Google Workspace.
So, a developer will use the SMTP settings like the following to connect to Google.
$mail->Username = “email@domain.tld”;
$mail->Password = “yourSecreat##PW”;
If your website is hacked or if you code is shared with some other company for certain purpose. The email id and password are leaked. Now any one can misuse that gmail account for malicious intensions.