Bypass two-step authentication with app passwords

Jack Wallen explains how you can create an app password to bypass two-step authentication on your mobile devices.

If you use Google and Android, one of the safest things you can do is enable two-step authentication. With this enabled, you must not only have your Google Account password, you also must have a randomly generated six-digit PIN generated by an Android app. Although this creates solid security, it can cause trouble for the likes of iOS.

How to create an app password

In order to get that iOS device logged into your Google Account, you'll have to generate what's called an app password. They allow you to gain access to your Google Account on devices that do not support verification codes.

How do you generate an app password? Let me show you.

  1. Visit your App passwords page (while logged into your Google Account). That link is
  2. Click the Select App drop-down and select which app you want to allow access to.
  3. Select the device you want to allow access from the Device drop-down.
  4. Finally, click Generate and a pop-up will appear with the new app password ready to be used. This 16-digit password will be used in place of your account password on the device in question.

You can create as many app passwords as you like. Just to be safe, revoke those passwords when they are no longer in use.

Congratulations, you can now access your two-step secured Google Account on a device that wouldn't normally support the feature.

By Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic, The New Stack, and Linux New Media. He's covered a variety of topics for over twenty years and is an avid promoter of open source. For more news about Jack Wallen, visit his website jackwallen....