The data you store on Apple’s services is typically pretty secure. So what happens when a third-party service needs to access that data? Enter Apple app specific passwords.
Whether you need a primer on app-specific passwords or you just want to brush up on how to use and manage them, here’s everything you need to know about the Apple feature.
App-specific passwords are a security feature that lets you use third-party apps with your Apple data (without giving them too much access).
App-specific passwords are, essentially, a randomly generated way for a third-party app or service to access certain parts of your Apple ID. They’re basically the only way to use a third-party service with certain iCloud services, such as mail, contacts or calendar.
What sets app-specific passwords apart from simple cross-app integration is that they’re much more secure. In general, apps you connect to your Apple ID can only access three types of data from your Apple account: email, contacts or events.
You’ll use an app-specific password for any mobile, desktop or browser app that requires access to some parts of your Apple ID data, such as the events you create in Calendar or the addresses in Contacts.
An app-specific password lets a third-party service access, say, your calendar dates — but nothing else. It also ensures that your password or login credentials are never shared with another service or stored on their servers.
How to use app-specific passwords
The app-specific password pane is a bit hidden, but you’ll find it on the Apple ID site.
Note: To use app-specific passwords, you’ll need to make sure that two-factor authentication is enabled on your Apple account. If it isn’t, it’s something we recommend doing anyway.
Creating an app-specific password is actually pretty easy. But you can also do it through the official Apple ID management portal.
Head to Apple’s Apple ID webpage. Log in with your credentials. (You may need to authenticate via two-factor if you aren’t on a trusted device.)
Here, you’ll find several subheadings — including one that says “Security.”
In the Security section, you’ll see a button underneath App-Specific Passwords that says Generate Password…
Enter a password label so you can keep track of your app-specific passwords.
Once you do, you’ll find the app-specific password. Write this down or copy and paste it.
With the app-specific password in hand, you can now connect a third-party app to your Apple ID.
The exact process for logging in with an app-specific password will vary by app. They should offer instructions on how to do so.
Some apps have a specific section for connecting your app-specific password. For other apps, just enter the email address associated with your Apple ID and the app-specific password in the password field.
How to manage and revoke app-specific passwords
You can view how many active app-specific passwords you have by hitting View History.
At any one time, you can only have 25 active app-specific passwords connected to your Apple ID. But if you find yourself not needing one of those passwords, you can always revoke it.
This also comes in handy if you’re having doubts about the security or privacy of a third-party service. You can revoke its app-specific password without needing to change your primary password or reset your account.
Speaking of which, if you do end up changing the password on your Apple ID, all of the app-specific passwords that you use will be revoked as a security measure.
Once they’re revoked, you’ll need to generate a new app-specific password to continue using that service.
Want to revoke an individual app-specific password? Just hit the X icon next to it.
Log back into your Apple ID account page.
Find the Security section and hit the Edit button next to it.
Underneath the App-Specific Passwords section, you’ll now see a small button dubbed “View History.”
Here, you’ll find how many active app-specific passwords you currently have. You’ll also see exactly when you created it, as well as the label you originally gave it.
To delete a single app-specific password, hit the X next to it.
Need to get rid of all your app-specific passwords in a hurry? You can by clicking Revoke All.
When you’re done managing them, just hit the Done button.
Once you revoke an app-specific password, it will no longer have access to your Apple content. The specific password will also be invalidated permanently, so it can’t be reused down the road.
A few additional notes and tips
While using app-specific passwords is pretty simple, here are a few additional tips that are handy to know about the service.
Apple recommends that you use a different app-specific password for each third-party service or app. We do, too. But you can actually re-use an app-specific password across multiple third-party apps (as long as it isn’t revoked). On the other hand, you won’t be able to view an app-specific password again once it’s generated. So if you want to reuse, make sure to write it down somewhere accessible.
While you don’t necessarily need to remember your app-specific password, it’s best to treat them just like your regular password. Keep them out of the wrong hands. If a bad actor happened to get it, they could use it for nefarious purposes including harvesting some of your data.
Certain third-party services don’t need app-specific passwords, particularly those with a partnership with Apple. One notable example is iCloud for Windows. As long as you’re signed into iCloud for Windows, you won’t need app-specific passwords when using Microsoft software.
You may also need app-specific passwords for older Apple devices, such as Macs that run software older than Mac OS X Lion 10.7.5 or iOS devices that run iOS 5 or earlier.
Troubleshooting app-specific passwords
If a particular app-specific password isn’t letting you log into Apple services from a third-party app, we recommend revoking it and creating a new one.
If, for some reason, that new app-specific password doesn’t work, there’s likely a problem with the app that you’re trying to use. Make sure the app is still being maintained. And, worst-case scenario, contact the developer for additional troubleshooting.
We hope that you found this article informative and useful. Please let us know in the comments below if you have any questions.
Mike is a freelance journalist from San Diego, California.
While he primarily covers Apple and consumer technology, he has past experience writing about public safety, local government, and education for a variety of publications.
He’s worn quite a few hats in the journalism field, including writer, editor, and news designer.
Since app-specific passwords started I haven’t been able to send emails from Thunderbird using the @me.com or iCloud.com . I get a message when I attempt to send saying that the SMTP password and/or settings are not recognised. What should the settings be? Apple Community hasn’t responded to this problem and I’m using other third party email addresses such as @talktalk.net . Strangely, incoming email to my Apple email account is not affected.
Any ideas? The Apple instructions I find are rather vague!
Pretty useful summary (better than the Apple own guide). I need to use app-specific passwords to get Outlook client to access iCloud e-mail (on my original mac.com address).
I’d recommend use of a password safe like Keepass (which I use with Kypass client on iphone/ipad.
Not in the article, but worth knowing– these app-specific passwords are time-limited. They seem to last about 6 months and then expire…..without warning.
If you see the offering for a strong password and you don’t want to use it, tap in the first field that shows the suggested password. You should then be able to change it to anything you want.
I think app specific passwords are too complicated to use on top of all other security a waste of time I will use anything but
Since app-specific passwords started I haven’t been able to send emails from Thunderbird using the @me.com or iCloud.com . I get a message when I attempt to send saying that the SMTP password and/or settings are not recognised. What should the settings be? Apple Community hasn’t responded to this problem and I’m using other third party email addresses such as @talktalk.net . Strangely, incoming email to my Apple email account is not affected.
Any ideas? The Apple instructions I find are rather vague!
That was a helpful article, Mike. I can’t find an official Apple source that corroborates this line:
“In general, apps you connect to your Apple ID can only access three types of data from your Apple account: email, contacts or events. ”
Where did you find this information? Can you confirm it?
Pretty useful summary (better than the Apple own guide). I need to use app-specific passwords to get Outlook client to access iCloud e-mail (on my original mac.com address).
I’d recommend use of a password safe like Keepass (which I use with Kypass client on iphone/ipad.
Not in the article, but worth knowing– these app-specific passwords are time-limited. They seem to last about 6 months and then expire…..without warning.
Thanks for the helpful summary.
I can’t set a password
Hi Richard,
If you see the offering for a strong password and you don’t want to use it, tap in the first field that shows the suggested password. You should then be able to change it to anything you want.