My email password reset functionality not working

Using Django Mystery Errors
1

Hi everyone,

I’m facing an issue with Django’s password reset functionality using Gmail’s SMTP server. Despite following best practices, I’m getting authentication errors (535 5.7.8 Username and Password not accepted). I’d appreciate guidance from anyone who has overcome similar Gmail restrictions.

What I’ve Tried:

  1. Generated a 16-digit app-specific password (2-Step Verification enabled)
  2. Tested both ports 587 (TLS) and 465 (SSL)
  3. Approved device via Google’s Unlock Captcha
  4. Verified credentials work in standalone Python scripts but fail in Django

Configuration in python settings.py:
EMAIL_BACKEND = ‘django.core.mail.backends.smtp.EmailBackend’
EMAIL_HOST = ‘smtp.gmail.com
EMAIL_PORT = 587
EMAIL_USE_TLS = True
EMAIL_HOST_USER = ‘myapp@gmail.com’ # Actual email replaced
EMAIL_HOST_PASSWORD = ‘app-specific-password’

Error Log:
smtplib.SMTPAuthenticationError: (535, b’5.7.8 … BadCredentials …')

  1. Are there Android-specific SMTP quirks I’m missing (testing on Pydroid 3)?
  2. Should I switch to alternative email providers (e.g., Mailgun, SendGrid)?
  3. Could Google be blocking “less secure apps” despite app passwords?

Any insights or workarounds would be invaluable! I’m happy to share sanitized code/config snippets if needed.

Note:I’ve redacted sensitive credentials above.

2

Those settings seem fine.

(Or at least, I was able to send email from Django through Gmail using those settings, with a freshly-created Gmail app password, and using Django’s sendtestemail management command.)

Since you say the credentials work in other scripts but not in Django, I would look at how your app is getting those settings. You could temporarily add a print() in your settings.py to check EMAIL_HOST_PASSWORD and _USER are what you expect.

Are you maybe using an env file? If so, a common source of credentials errors is trying to use end-of-line # comments. Many env file readers don’t support that, so the comment gets included as part of the settings value.

For initial testing or a small personal project sending a few emails, Gmail is probably fine. For anything more, you should find an alternative. If you email too many different recipient addresses, Google will think you might be sending spam and disable your account. (Their threshold for “too many” has changed over time, and I can’t give you an exact number.)

3

Ok let me try newly generate app password and sendtestmail