Blog
Gmail, Outlook, Yahoo, and iCloud: Which Sign-in Method Does Each Provider Support?
Outlook personal accounts dropped App Password support in September 2024. iCloud requires App-Specific Passwords only. Gmail and Yahoo support both. Here is the full comparison.
If your email app stopped connecting after you entered the right password, authentication is probably the reason - not the password itself.
Each major email provider has made different decisions about which sign-in methods they support in third-party clients. Knowing which methods your provider actually allows is the first step to a successful connection.
What each provider supports at a glance:
- Gmail: OAuth or App Password (OAuth recommended)
- Outlook personal accounts: OAuth only - no App Password since September 16, 2024
- Yahoo: OAuth or App Password (OAuth recommended)
- iCloud: App-Specific Password only - no OAuth
What OAuth is
OAuth is a sign-in method that works through your provider's own website. When you see a "Sign in with Google" or "Connect with Microsoft" button in an email app, that is OAuth.
The app never sees your password. Instead, your provider issues a token that the app uses to access your mail. You can revoke that token at any time from your provider's security settings without changing your password.
Why OAuth is the stronger option:
- Your main password is never shared with the third-party app
- Access is scoped to what the app actually needs - not full account control
- Revoking one app's access does not affect your other accounts or apps
What App Passwords are
An App Password is a secondary credential your email provider generates for you. You create one in your account settings, paste it into the email app, and the app uses it for IMAP and SMTP authentication.
App Passwords became common when providers added two-factor authentication but before OAuth was widely supported in third-party apps. They are still valid today where supported, but they give the app broader access than a scoped OAuth token.
Gmail
What works: OAuth and App Password.
Google recommends OAuth. Sign in with Google, grant access, and the connection is handled. If you need to connect an older app that does not support OAuth, you can generate an App Password from your Google account settings - but 2-Step Verification must be enabled first.
One setup detail specific to Gmail: IMAP access must be enabled in Gmail settings before any third-party client can connect. Accounts created recently have this on by default, but older accounts may not.
Outlook (Microsoft personal accounts)
What works: OAuth only.
Microsoft removed App Password and Basic Authentication support for personal Outlook accounts on September 16, 2024. This applies to outlook.com, hotmail.com, live.com, and msn.com addresses.
If you enter your Outlook password into a third-party email app and the connection fails, the problem is not the password - it is the authentication method. The correct path is to use the "Connect with Microsoft" button and complete sign-in through Microsoft's own site.
Work and school Microsoft 365 accounts are managed separately by an organization administrator. Some organizations still allow legacy authentication, but Microsoft is pushing all tenants toward Modern Authentication.
Yahoo Mail
What works: OAuth and App Password.
OAuth is the recommended path. Yahoo's OAuth implementation is stable and the straightforward choice for new connections.
If you prefer a password-based setup, Yahoo supports App Passwords for accounts with two-step verification enabled. Generate one from Yahoo account security settings.
iCloud (Apple)
What works: App-Specific Password only.
Apple does not support OAuth for third-party email clients using IMAP. To connect an iCloud account to any third-party app, you need an App-Specific Password - a credential separate from your main Apple ID password.
Before you can generate App-Specific Passwords, Two-Factor Authentication must be enabled on your Apple ID. You create them at appleid.apple.com.
iCloud email works with @icloud.com, @me.com, and @mac.com addresses. Custom domains from iCloud+ use the same setup.
Which method should you use?
Use OAuth when the provider supports it. It is the more limited, revocable option - the app gets access to your mail without your password ever leaving your provider.
When a provider requires App Passwords (iCloud), or when a specific app does not support OAuth, use an App Password. Generate a separate one for each app so you can revoke individual access without disrupting everything else.
When a provider has removed password-based access entirely (Outlook personal), OAuth is no longer optional - it is the only path that works.
Frequently asked questions
Why did my Outlook connection stop working in 2024?
Microsoft stopped accepting Basic Authentication and App Passwords for personal Outlook accounts on September 16, 2024. Connections that previously worked with a password stopped working after that date. The fix is to reconnect using OAuth through your email app's Microsoft sign-in button.
Does iCloud support OAuth for email?
No. Apple does not offer OAuth for third-party IMAP clients. The only supported method is an App-Specific Password, generated from your Apple ID account page at appleid.apple.com.
Is OAuth actually more secure than an App Password?
OAuth gives the email app a scoped token rather than a reusable password. If that token is ever compromised, you can revoke just the app's access without changing your main password or affecting other connected apps. App Passwords are separate from your main password, which is better than using your real password directly - but a compromised App Password still grants broad access to your mail until you manually revoke it.
Can I connect Gmail without enabling IMAP?
No. Gmail requires IMAP access to be turned on in account settings before any third-party client can connect. OAuth sign-in will still fail if IMAP is disabled. You can enable it under Settings > See all settings > Forwarding and POP/IMAP in Gmail.
More sign-in guides
- Gmail sign-in guide - OAuth setup, App Password generation, and IMAP settings
- Outlook sign-in guide - Microsoft OAuth, personal vs work accounts
- Yahoo sign-in guide - OAuth and App Password, two-step verification
- iCloud sign-in guide - App-Specific Password setup, Apple ID requirements