mpenkov
commented
11 years ago You have two options: 1) use an application-specific password; 2) use OAuth2 authentication tokens. The first option is straightforward - you can obtain a new application-specific password from your account settings. Have a look at https://github.com/mpenkov/supersaas2google/blob/master/sync.py for an example of the second option.
In either case, it gets handled outside the gmail library.
Some people turn on 2-step authentication. It doesn't look like this library supports that, although I may be missing something. This post or this one may be of use.