Apple: two-step verification for Apple IDs will require app-specific passwords starting tomorrow


If you have two-step verification enabled and you’re currently signed in to a third-party app using your Apple ID password, you’ll need to adjust to a new change starting tomorrow. For security purposes, Apple is introducing app-specific passwords to access iCloud data using third-party apps.

Apple will allow users to generate these app-specific passwords via the Password & Security section of its Apple ID website. Once there, you’ll simply need to click Generate App-Specific Password to create a password for the third-party app that you wish to grant access to your iCloud data.

A few minutes ago, I received this email highlighting the changes and subsequent requirements:

App Specific Apple Requirement

This means that if you’re now signed into a third-party app with your Apple ID credentials, you’ll be signed out automatically, and you’ll need to generate a new password using the outlined steps. Apps that may be affected included Outlook, and other third-party email apps. You might also find that you need to generate an app-specific password for calendar apps that use your Apple ID to access your iCloud calendars. One such calendar that comes to mind is Fantastical for the Mac.

To create an app specific password, go to the Apple ID website → Password & Security → Generate an app-specific password.

App Specific Password

Click the Generate an App-Specific Password link

App Specific Password 1

Give your app specific password a label and click Generate

App Specific Password 2

A unique app-specific password is generated

App Specific Password 3

You can view app-specific password history and revoke single passwords or all passwords

Users will be able to have up to 25 app-sepecific passwords configured at any one time. You’ll be able to view your password history, and revoke all or individual passwords to free up space if needed.

Overall, this is great news for user security. We still get to grant our favorite third-party apps access to our iCloud data, but we will now be able to do so in such a way that keeps our primary Apple ID password safe and secure.

Are you happy that Apple is taking more drastic measures to ensure user security as of late?