how secure/insecure is "access for less secure apps"? (for using smtp.gmail.com)

[ralphzak]

i've gone to settings and enabled access for less secure apps.

So that I can configure outlook to use gmail smtp server. Or so that I can configure any program.. e.g. ssmtp..

It seems that if without setting that option to enabled, then the only thing that you can only send email via the web.. or maybe a a google app on a phone.. But when using a program not made by google, the email gets blocked.

e.g. ssmtp says "ssmtp: Authorization failed (534 5.7.14 https://support.google.com/mail/bin/...y?answer=78754 cb6sm1286402wjc.30 - gsmtp)"

smtp.gmail.com port 587 tls
Send test e-mail message: Cannot send the message. Verify the e-mail address in your account properties. The server responded: 530 5.5.1 http://support.google.com/mail/bin/a...y?answer=14257 cz3sm18612494wjb.23 - gsmtp


So I enable less secure apps..

And then it is fine..

But is that a big security risk?

[David]

I am wondering why anyone would want to use 'smtp.gmail.com' - unless they were very short of cash - there are certainly better solutions ' for a few dollars more'

If money really is an issue, I do apologise for my reply.

[danieldk]

Quote:

Originally Posted by David

I am wondering why anyone would want to use 'smtp.gmail.com' - unless they were very short of cash - there are certainly better solutions ' for a few dollars more'

smtp.gmail.com is also the SMTP server for Google Apps for Work.

To answer the original question: I guess it depends on what the particular shortcomings of the client are. E.g., it could be that some clients do not support TLS, but only SSLv3, which is far less secure.