I'm a huge proponent of Two-Factor Authentication (2FA) on every platform that I'm running. As a marketer that works with clients and client data, I simply can't be too careful about security so the combination of different passwords for every site, using Apple Keychain as a password repository, and enabling 2FA on every service is a must.
If you're running WordPress as your content management system, the system is typically configured to push email messages (like system messages, password reminders, etc.) through your host. However, this isn't an advisable solution for a couple of reasons:
- Some hosts actually block the ability to send outbound emails from the server so that they're not a target for hackers to add malware that sends emails.
- The email that comes from your server typically isn't authenticated and validated through email deliverability authentication methods like SPF or DKIM. That means these emails may just be routed directly to the junk folder.
- You don't have a record of all the outbound emails that are pushed from your server. By sending them via your Google Workspace (Gmail) account, you will have all of them in your sent folder – so you can review what messages your site is sending.
The solution, of course, is to install an SMTP plugin that sends your email out of your Google Workspace account instead of just being pushed from your server.
Easy WP SMTP WordPress Plugin
In our list of the best WordPress plugins, we list the Easy WP SMTP plugin as a solution for connecting your WordPress site to an SMTP server to authenticate and send outgoing emails. It's simple to use and even includes its own test tab for sending an email!
The settings for Google Workspace are pretty simple:
- SMTP: smtp.gmail.com
- Requires SSL: Yes
- Requires TLS: Yes
- Requires Authentication: Yes
- Port for SSL: 465
Here's how it looks (I'm not displaying the fields for username and password):
The problem is now authentication. If you have 2FA enabled on your Google account, you can't just enter your username (email address) and password within the plugin. You'll get an error when you test that tells you that you need 2FA to complete authenticating to Google's service.
However, Google does have a solution for this… called App Passwords.
Google Workspace App Passwords
Google Workspace allows you to make application passwords that don't require two-factor authentication. They're basically a single purpose style password that you might use with email clients or other third-party platforms… in this case your WordPress site.
To add a Workspace App Password:
- Login to your Google Account.
- Select Security.
- Under Signing in to Google, select App Passwords.
- Select Other, and write the name of your site and generate a password.
Google will enable a password and provide it to you so that you can use it to authenticate.
Paste the generated password Easy WP SMTP and it will authenticate properly. Test an email, and you'll see that it's sent: