How to fix the two-factor authentication log-in error in Gmail on Android

Can't log in to the Gmail Android app after enabling two-factor authentication option? It's easy to fix!

I'm a fan of being secure, so naturally I decided to turn on two-factor authentication for my Google account. Essentially what this means is that every time you access your Google account from a new computer or other device for the first time you will need to enter a code that is sent to your mobile phone as an SMS (or you can install an app to generate the codes yourself). (You will need to reauthorise devices every 30 days — there's also an option to have the authentication expire early.)

However, I (and a lot of other people judging from a quick Web search) encountered a problem with my Android phone after enabling two-factor authentication: The Gmail app wouldn't let me log in, and I couldn't find any option to get Google to send me an authentication code for the app (the mobile Gmail site still worked fine after obtaining a code).

It turns out the solution is simple. The reason the problem happens is, as Google notes (and as I completely ignored when switching on the two-factor authentication option), not all Google apps are compatible with the system yet. However, Google offers the option of using a browser to generate a special application-specific password.

Simply go to your Google account settings, and select the option to edit your two-factor settings. Then select the option 'Manage application-specific passwords'. This will prompt you two enter a name for the device you're authorising (in my case my HTC Desire HD Android phone). You can then generate a random password that will let you use the Android Gmail app. (You can also revoke access from the same interface.)

Problem solved!

Join the CSO newsletter!

Error: Please check your email address.

Tags Gmailtwo-factor authenticationGoogle Android phonessecurityGoogle AndroidAndroid

More about GoogleHTC

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Rohan Pearce

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place