Verifying Gmail credentials in Python: How to check if a password is valid?

I’m working on a Python script to validate Gmail account credentials. My goal is to check if the user-provided password matches their Gmail account. However, my current code always prints ‘INCORRECT’ regardless of the input. Here’s what I’ve tried so far:

import smtplib

email = input('Enter your Gmail address: ')
password = input('Enter your password: ')

smtp_server = smtplib.SMTP('smtp.gmail.com', 587)
smtp_server.starttls()

try:
    result = smtp_server.login(email, password)
    print('VALID')
except smtplib.SMTPAuthenticationError:
    print('INVALID')
finally:
    smtp_server.quit()

Can someone help me figure out why this isn’t working as expected? Is there a better way to verify Gmail credentials in Python? Any advice would be appreciated!

hey mate, i had similar trouble. google’s pretty strict these days. have u tried using an app password? its easier than oauth2 for quick scripts. go to ur account settings, make an app password, and use that instead. works like a charm for me. good luck!

Your approach is on the right track, but there are a few things to consider. Gmail has strict security policies that often block login attempts from scripts like this. Even with correct credentials, you might get ‘INVALID’ responses.

A more reliable method is to use OAuth2 for authentication. This involves setting up a project in Google Cloud Console, enabling Gmail API, and using libraries like google-auth and google-auth-oauthlib.

Here’s a simplified example:

from google.oauth2.credentials import Credentials
from googleapiclient.discovery import build

creds = Credentials.from_authorized_user_file('token.json', ['https://www.googleapis.com/auth/gmail.readonly'])
service = build('gmail', 'v1', credentials=creds)
profile = service.users().getProfile(userId='me').execute()

print('Valid credentials for:', profile['emailAddress'])

This method is more secure and aligns with Google’s recommended practices for accessing Gmail programmatically.

I’ve dealt with similar issues when working on email authentication. The problem you’re facing is likely due to Google’s security measures. They’ve made it harder to use simple username/password combinations for third-party apps.

Instead of directly using the Gmail password, you should set up an ‘App Password’ in your Google Account settings. This is a 16-character code that allows access to your Gmail account from less secure apps.

To do this, go to your Google Account > Security > App passwords. Generate a new app password for your Python script. Then use this password in your code instead of your regular Gmail password.

Also, make sure you’ve allowed less secure app access in your Google Account settings. Keep in mind though, this isn’t recommended for long-term use as it’s less secure.

If you’re developing something more robust, consider using OAuth2 for authentication. It’s more secure and is Google’s preferred method for accessing their services programmatically.