In our application, we use Gmail SMTP for sending some emails. It works fine on development environment but when deploy it on AppHarbor it doesn't. Yes, we turn on to allow less secure apps already.
Can anyone have experience on this? Thanks for your suggestion.
I have an answer finally. Not sure I read from where about App passwords.
After confirmed 2-Step Verification, there is an app passwords page https://security.google.com/settings/security/apppasswords and we can generate one to use for SMTP client from C# code.
It works well now.