I got a message from Google security about the access ... Wish there was a way to whitelist just the plugin access... Any ideas?
Create an OAuth2 token just for your WordPress SMTP plugin. Sharing your Google user/password credentials with apps all over the web is exactly the kind of un-security that Google is trying to prevent.