Back to Blog
googlegmailapp-passwordgoogle-workspacehow-tomoltbot-ninja

How to create a Google App Password (and what to do if you're on Workspace)

Step-by-step guide to creating a Google App Password for legacy app connections — plus how Google Workspace admins enable it for their org.

J
Jonathan Shachar
3 min read
🦞

If you're trying to connect Gmail or Google Calendar to an app that asks for your email and password directly — not the "Sign in with Google" button — you need an App Password. Your regular Google password won't work, and that's intentional.

Here's how to create one and, if you're on Google Workspace, how to get your admin to enable it first.

What's an App Password?

It's a one-time 16-character password Google generates for a specific app. The app uses it to connect to your Google account over IMAP, SMTP, or CalDAV — protocols that predate modern OAuth. Your real password stays private.

You'll recognize this scenario when an app asks for something like "Gmail SMTP password" or "Google account password" during setup.

Before you start: you need 2-Step Verification enabled

App Passwords only work if 2-Step Verification (2FA) is on for your Google account. If it's not, turn it on first at myaccount.google.com/security.

Personal Gmail: create an App Password

  1. Go to myaccount.google.com/apppasswords
  2. Sign in if prompted
  3. Under "App name", type something descriptive — the name of the app you're connecting (e.g. "MoltBot Ninja")
  4. Click Create
  5. Google shows you a 16-character password. Copy it now — you won't see it again
  6. Paste it into the app where it asks for your Google password

That's it. The app is connected.

Google Workspace: your admin needs to flip a switch first

If you're on a company Google account (Google Workspace), the App Passwords screen might not show up at all. That's because Workspace admins can block this feature.

To check if it's enabled: try visiting myaccount.google.com/apppasswords. If you see "The setting you are looking for is not available for your account," your admin has it turned off.

For admins — how to enable App Passwords for your org:

  1. Go to admin.google.com
  2. Navigate to Security > Basic settings (or search "Less secure apps" in the admin search bar)
  3. Under "Less secure apps", select Allow users to manage their access to less secure apps
  4. Save

Once enabled, users in your org can go to their own App Passwords page and create one.

Common questions

Can I revoke an App Password later? Yes. Go back to myaccount.google.com/apppasswords and click the trash icon next to any active password. The app will immediately lose access.

Is this secure? Reasonably, yes — especially since it's scoped to one app and can be revoked instantly without changing your main password. It's not as secure as modern OAuth, but it's the right tool for apps that don't support it.

The app I'm connecting has an "app number" — do I need that? Some enterprise apps use a Google OAuth client ID instead of App Passwords. If that's the case, the setup is different — your Workspace admin would need to whitelist the app in Admin console via API controls. See our guide on that here.

If you're setting up MoltBot Ninja and running into trouble, reach out. We'll walk you through the right path for your setup in under 10 minutes.

Continue Reading

How to connect a Google app in Workspace Admin when you have the client ID

March 19, 2026

I Gave My AI the Mouse. Here's What It Did With It.

March 7, 2026

I Gave an AI Full Access to My Gmail, Calendar, and Files. Here's What Actually Happened.

February 19, 2026

Ready to deploy your own AI assistant?

Try Moltbot Ninja Free