Gammadyne Corporation

Authentication Failed

When attempting to send an email, your email program may report an "Authentication Failed" error message.  Authentication is the act of providing a user name and password.  In this situation, your user name and password are required to prove that you are authorized to send email.  If your mail server (also known as the SMTP server) rejects the user name and password, an Authentication Failed error will result.  You will not be able to send any email until this problem is resolved, although it may not affect the ability to receive email.

Why is authentication required?  Because without it, criminals could use your mail server to send out a flood of spam, earning it a severe blacklisting.

Error Messages
The mail server's exact error message varies.  There is no standard.  Following are some common errors:

454 TLS not available due to temporary reason - encryption is required for requested authentication mechanism.
521 5.2.1 Account/Mailbox has expired due to inactivity.
525 5.7.13 Account disabled
530 Must issue a STARTTLS command first - encryption required for requested authentication mechanism.
534 Authentication mechanism is too weak.
535 Authentication failed
535 SMTP Authentication unsuccessful/Bad username or password
535 SMTP AUTH failed with the remote server
535 Incorrect authentication data
535 5.7.0 Error: authentication failed
535 5.7.0 ...authentication rejected
535 5.7.1 Username and Password not accepted.
535 5.7.3 Authentication Unsuccessful
535 5.7.8 Bad credentials
538 Encryption required for requested authentication mechanism.

Depending on which email program you are using, it may show you the server's error message, or it may not.

There are quite a few conditions that could cause Authentication Failed:

  • The user name is incorrect.  Usually this is the same as your email address, however some SMTP servers require a different set of credentials that are separate from those used to receive email.
  • The password is incorrect.  Usually this is the same password for your email account.  If you are not certain, contact the mail server's administrator.
  • The SMTP server name could be wrong.  This is like trying to withdraw money from Bank of America with a Wells Fargo debit card.
  • The account could be temporarily or permanently disabled.  Contact the mail server's administrator.
  • Some servers require that the connection be encrypted with SSL/TLS.  Most email programs have an option that allows you to enable this feature.
  • Your email program may not support any of the authentication methods required by the mail server.  The most common methods are PLAIN, LOGIN, CRAM-MD5, DIGEST-MD5, and NTLM.  If you are administering a Microsoft IIS SMTP server, you must enable Basic Authentication by going here:
    IIS Manager > local computer > Default SMTP Virtual Server > Properties > Access tab > Authentication > Basic Authentication > (checked)
  • Gmail and Microsoft are now requiring OAuth authentication in many cases.  Your app should show an option for this.  The first time you log in with OAuth, a new tab will open in your browser where the provider will ask you if you want to give the app access to your mail account.