NodemailerError - Invalid login: 535-5.7.8 Username and Password not accepted

I’ve been trying to setup a simple OTP verification system on my webpage using Nodemailer module, the whole code is a bit long, so here is a reproducible example,

Here is the whole project: https://glitch.com/edit/#!/mcve?path=server.js%3A1%3A0

The above code outputs the following error:

Error: Error: Invalid login: 534-5.7.14 https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=AKgnsbvy0np80BKN2q6auXneWIBQnEVSI4O4l4EAJ3OcPLgZiYjhKQC1xibB6dnf_vNcN1fKnU1BmE4S4M1R6Yi4BCDl-uCnBo4R_aWBdVEmA84dHcXRSIp4o23Ua_9ez6dnyMEGMS6X
534-5.7.14 Please log in via your web browser and then try again.
534-5.7.14 Learn more at
534 5.7.14 https://support.google.com/mail/answer/78754 q130sm13278448qke.80 - gsmtp

code: ‘EAUTH’,
response: '534-5.7.14 ’ +
https://accounts.google.com/signin/continue?sarp=1&scc=1&plt=AKgnsbvy0np80BKN2q6auXneWIBQnEVSI4O4l4EAJ3OcPLgZiYjhKQC1xibB6dnf_vNcN1fKnU1BmE4S4M1R6Yi4BCDl-uCnBo4R_aWBdVEmA84dHcXRSIp4o23Ua_9ez6dnyMEGMS6X\n’ +
‘534-5.7.14 Please log in via your web browser and then try again.\n’ +
'534-5.7.14 Learn more at\n534 5.7.14 ’ +
'https://support.google.com/mail/answer/78754 q130sm13278448qke.80 - ’ +
‘gsmtp’,
responseCode: 534,
command: ‘AUTH PLAIN’
}


However, it sometimes gets logged in mysteriously and I get “success!” message.
How to fix it?

I’m no nodemailer expert but a quick Google search pulled up something rather interesting I think. Maybe instead of using

let trans = nm.createTransport({
    host: 'smtp.gmail.com',
    port: 465,
    secure: true, // use SSL
    auth: {
        user: process.env.EMAIL,
        pass: process.env.PASS
    }
});

try using

let trans = nm.createTransport({
    service: 'gmail',
    auth: {
        user: process.env.EMAIL,
        pass: process.env.PASS
    }
});

as suggested by this article. Seems like maybe nodemailer has some preset for gmail in which case configuring it may be handled for you…

I guess that you’ve not read the whole question, I’ve mentioned in the bottom that I’ve tried service: 'gmail' part too.
However, I’d again tried changing my mcve, but nothing changed up.

Meanwhile, I was watching this video: https://www.youtube.com/watch?v=Va9UKGs1bwI
and it only says to turn on “less security”, which I’ve already done…

1 Like

@vrintle, I’ve had my fair share of Nodemailer + Gmail, and let me tell you that Gmail isn’t meant for Nodemailer as Gmail is super duper security protected. If you really want to use Gmail with Nodemail, I suggest you use Gmail oAuth, which also allows you to turn off access for less-secure apps. oAuth also doesn’t require password. Instructions on how to us Gmail oAuth with Nodemailer: https://medium.com/@nickroach_50526/sending-emails-with-node-js-using-smtp-gmail-and-oauth2-316fe9c790a1.

Make sure to store the various tokens in you .env file!

Demo: built using the same tutorial: https://khaleelgibran.glitch.me/contact

1 Like

@FlantasticDan, I removed that error, but now a new error persists. The previous error was removed by just “turning on less-security”, which I’ve done multiple times, but actually it was not turned on. But strangely, it has been turned on now :alien:

@khalby786, If that service is free-of-cost, I’ll sure have a look, thanks! :smiley:

1 Like

Yes, the service is completely free of cost!

1 Like

Thanks a lot, man. I created my first user-system based site: https://rv-login.glitch.me/
using OAuth2 API, it is wonderful API and easy to use. :smiley:

I’ll mark your answer as “solution” within 24 hrs, if no solution to original question comes up.

1 Like

This worked for me too.

I just turned it off and then turned the less secure enabled back on.
And all the issue resolved after debugging of 2 hours -_-

1 Like

Hey @ahmad-punch,

Thanks for contribuiting!

Just note that bumping threads should not be practiced, if you enjoyed a solution, please use the :heart: button.

2 Likes