Saving passwords on trusted sites save time and effort as it allows you to log into your account instantly. However, a few weeks ago, users began noticing that applications such as Thunderbird and Outlook, along with other email clients, started asking them for their Google passwords.
Upon the re-entry, it would reject it by saying the password was incorrect. Google has started locking down its services, notably for emails and how they connect to third-party clients, thus eliminating less secure apps.
The services allowed you to use the Google credentials to sign in to the email client, which weakened the security of your Google account.
You can still use Google on third-party apps. Still, you must use an app-specific password, or it should support “OAuth2” (an authentication method that opens up a dialog box that lets you authenticate by logging into Google and providing the app access to the Google account).
The app-specific passwords are combined with the two-factor authentications on the Google account. Since most apps aren’t compatible with handling two-factor, the company created the app-specific passwords to avoid adding an authentication code. The method allows users to create a password specifically for the app.
It is a necessary measure taken to prevent less secure websites from committing a breach of password confidentiality.
2FA and benefits
The two-factor (2FA) authentication for the Google account adds a layer of security. It is usually categorized into three groups. It includes something you know (a password), something you have (a smartphone that gets the text message with the code), and something you are (face or fingerprint).
The method is a great way to ensure that hackers can’t access your account and that the user’s account is protected by added security. Since the 2FA method allows you to verify the login details if you sign in with an unfamiliar browser, which then directs you to one of the methods you have chosen for verification, thus making it difficult for anyone unwanted to login into your account.
Thus, if an authentication code promotes you, the attacker won’t be able to harm your data despite having access to your account’s password.