Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Apple to Require App-Specific Passwords For Third-Party Apps Accessing iCloud
Apple is now offering app-specific passwords for third-party apps that access iCloud, allowing users to generate unique one-time use passwords to sign into iCloud securely. In a support document, Apple describes app-specific passwords as a feature of two-step verification and states that app-specific passwords will be required to sign into iCloud when using a third-party app beginning on October 1, 2014.
As outlined in the support document, app-specific passwords can be generated by accessing My Apple ID, where the option to generate an app-specific password is listed under Password and Security. According to Apple, users can have up to 25 active app-specific passwords at a time, which are listed in the Password and Security section of My Apple ID.
Generating an app-specific password is limited to accounts with two-factor authentication turned on, and for security reasons, Apple sends an email whenever an app-specific password is generated. App-specific passwords will be revoked whenever a user's primary Apple ID password is changed, requiring new app-specific passwords to be generated.
Apple's new app-specific passwords follow the launch of two-factor verification for accessing iCloud.com and come after a hacking incident that saw the iCloud accounts of several celebrities compromised due to weak passwords.
Apple CEO Tim Cook has promised to improve iCloud security by increasing awareness about two-factor verification, as well as sending out security emails whenever a device is restored, iCloud is accessed, or a password change is attempted.
If you use iCloud with any third party apps, such as Microsoft Outlook, Mozilla Thunderbird, or BusyCal, you can generate app-specific passwords that allow you to sign in securely, even if the app you're using doesn't support two-step verification. Using an app-specific password also ensures that your primary Apple ID password isn't collected or stored by any third party apps you might use.App-specific passwords, which have long been used by other sites like Google, are a function of two-step verification. Typically, two-step verification requires a user to enter a verification code, but oftentimes, the codes will not work properly in third-party apps, so app-specific passwords are substituted instead.
As outlined in the support document, app-specific passwords can be generated by accessing My Apple ID, where the option to generate an app-specific password is listed under Password and Security. According to Apple, users can have up to 25 active app-specific passwords at a time, which are listed in the Password and Security section of My Apple ID.
Generating an app-specific password is limited to accounts with two-factor authentication turned on, and for security reasons, Apple sends an email whenever an app-specific password is generated. App-specific passwords will be revoked whenever a user's primary Apple ID password is changed, requiring new app-specific passwords to be generated.
Apple's new app-specific passwords follow the launch of two-factor verification for accessing iCloud.com and come after a hacking incident that saw the iCloud accounts of several celebrities compromised due to weak passwords.
Apple CEO Tim Cook has promised to improve iCloud security by increasing awareness about two-factor verification, as well as sending out security emails whenever a device is restored, iCloud is accessed, or a password change is attempted.
[ 55 comments ]
Top Rated Comments
(View all)
61 months ago
... That Google users have been using for about 7 years now.
And by 7 years you mean 3, correct?
http://googleblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html
Way to build credibility. Oh, and by the way, if you ask 10 gmail users on the street today whether they use 2FA on their gmail account I would be willing to bet at least 7 of them say, "What's that?"
61 months ago
It feels like apple had all of these securities measures built but just never released for various reasons.
Scaling to millions of users is a very tough task, regardless of how much money the company has. Scaling is what Google excels at, which is why they had almost all of this in place when they had 2FA on and their authenticator app.
Apple's great at creating the demand but they suck at supplying it (scaling).
61 months ago
iCloud Mess
is it me or is this all getting to be a mess.
Steve was all about simplifying things. iTunes is an utter mess. It doesn't even have an identity of purpose now.
Plug in syncing, wireless syncing, management of syncing through itunes on both wireless and wired, manual management of content that gets rid of previous said options. icloud downloading of content, itunes match, home sharing (which never works), now account sharing between people in your family, iphoto streaming, iphoto library with video and photo backup, icloud 2 question authentication, icloud 2 factor authentication, app specific password, icloud keychains.
HONESTLY?? Can we not do a better job of simplifying this? Then you get constant backup error messages saying icloud couldn't backup guilting you into buying more icloud storage.
Now every time you change something on your account you get 5-10 emails in a row telling you something changed and a message popping up on every device telling you something changed.
This is a complete mess. and NO MERE MORTAL will understand what this all means.
Seriously. The whole Spirit of Steve was to do better on issues like this.
is it me or is this all getting to be a mess.
Steve was all about simplifying things. iTunes is an utter mess. It doesn't even have an identity of purpose now.
Plug in syncing, wireless syncing, management of syncing through itunes on both wireless and wired, manual management of content that gets rid of previous said options. icloud downloading of content, itunes match, home sharing (which never works), now account sharing between people in your family, iphoto streaming, iphoto library with video and photo backup, icloud 2 question authentication, icloud 2 factor authentication, app specific password, icloud keychains.
HONESTLY?? Can we not do a better job of simplifying this? Then you get constant backup error messages saying icloud couldn't backup guilting you into buying more icloud storage.
Now every time you change something on your account you get 5-10 emails in a row telling you something changed and a message popping up on every device telling you something changed.
This is a complete mess. and NO MERE MORTAL will understand what this all means.
Seriously. The whole Spirit of Steve was to do better on issues like this.
61 months ago
How will this help with the NSA/MI6 looking?
It won't.
I am also curious as to why the number of apps is limited to 25.
61 months ago
The Fappening 2015 still going to happen even if it is more secure.
That's because people will still use "hunter2" as their password but not 2FA.
61 months ago
Or here's another reason: Apple wants to make sure their users' experience is predictable and as simple as possible.
App specific passwords, and setting up 2FA in Google is a kludgy mess, and has run inconsistently at times, to the point that many people I have recommended do it end up going back to simple password authentication out of pure frustration. Their experience has been similar to mine (and I know what I'm doing). But I recognize the risk involved with using gmail without 2FA, so I have put up with it.
Wow, some of you really like just making stuff up on these forums huh?
As long as you sound like you know what you're talking about, and praise Apple, no one will really question you.
Gotta support the team, I guess. :apple:
61 months ago
Very true, so many people have no clue what it is.
And it seems like most of the people that do know what it is are unwilling to go through the trouble to set it up, and use it.
My wife finally allowed me to set it up for her on Google Mail last weekend, after a bunch of allegedly valid Gmail passwords were published.
I enable 2-factor authentication wherever I can. Since Google Authenticator is open, you can implement it in your own application. Here's how to use it in an SSH server:
https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-two-factor-authentication
61 months ago
Are you kidding on that? Apple has the cash hoards to buy companies, staff and figure out how to scale. There is no excuse for their utter lack of real security, celebs or not. Google has done it better for longer because they actually know what they are doing.
Yeah google has never gotten 5 million usernames and passwords posted on russian sites this month
Oh wait....[emoji57]
http://m.nydailynews.com/news/world/5-million-gmail-usernames-passwords-posted-online-article-1.1935155
[ Read All Comments ]
A couple of months ago, Boss Audio debuted its latest aftermarket CarPlay receiver, the BVCP9685A, offering a relatively low-cost way to add wired CarPlay (and Android Auto) to your existing...
For this week's giveaway, we've teamed up with Astropad to give MacRumors readers a chance to win a Luna Display adapter, a useful dongle that turns your iPad into a second screen for your...
Microsoft today announced "Minecraft Earth," a new game coming to iOS and Android in beta this summer that uses augmented reality to place virtual Minecraft blocks and characters into the...
Twitter today updated its TweetDeck for Mac app to introduce a new compose window with a refreshed look and new capabilities.
The updated window features a cleaner design with either a dark...
Apple Pay will likely launch in the Netherlands in the very near future, as the service has now been elevated to "beta" status internally at Apple ahead of its much-anticipated rollout in the...
B&H Photo is discounting the latest 12-inch MacBook in a variety of configurations and color options, with prices starting at $899 for the 256GB model. However, the highlight of the sale is...
DTS today announced availability of AirPlay 2 in select DTS Play-Fi products, including the McIntosh RS200 wireless loudspeaker system and the Arcam rPlay music streamer, with support for additional...
Direct for Instagram, the companion direct messaging app for the photo-sharing social media platform, is being killed off by Instagram in the next few weeks.
First spotted by social media...
