This gets me every time, so I am finally writing it down. You’re trying to configure some CMS SMTP mail delivery with a Gmail account, the nice simple way like pretty much every other SMTP setup you’re ever done not the Google OAUTH app stuff. But all the tests keep coming back “Could not authorize” blah blah blah.
There are numerous “how to’s” out there on how to do this, for instance the “Method 2: Setting up Gmail SMTP as SMTP Sender” at WPBeginner but the result is still the same: Authorization failed, userid or password.
I finally found one site that says you have to turn on “Allow less secure apps” in your Gmail account. (It’s under Security for your account.) Aha! And does that work, in and of itself? Nope.
But finally I stumbled across one lonely blog post that said you also had to turn off a Captcha challenge, and I don’t know how to navigate to that from my Gmail account settings execly, but the following direct link does work when you’re already signed in:
And voila! All of a sudden simple SMTP is working for Gmail from your CMS.
A note of caution: Turning off these two security features probably makes your Gmail account not quite so secure. So maybe you want to use a dedicated extra email account that is ONLY for outbound SMTP. And of course Gmail is keeping a copy of all those outbound messages in the Sent folder. Which might also be a security risk. The other option is to set up all the OAUTH stuff. Which is its own blog post.