Skip to Content

Apple Begins Reminding Two-Factor Authentication Users About App-Specific Passwords

by

Apple has begun emailing iCloud users who have enabled two-factor authentication on their Apple IDs, reminding them that application specific passwords will be required when trying to access iCloud data on third party apps starting tomorrow.

Screen Shot 2014-10-08 at 8.13.42 PM
In addition to the email reminders, Apple last week published a new support document educating users on how to use app-specific passwords. While the feature was originally intended to require the feature on October 1, it's unclear why two-factor authentication users are being reminded of it a week later.

App-specific passwords are a new feature Apple introduced in mid-September, following the launch of two-factor authentication for accessing iCloud.com. The changes arrived after a hacking incident that saw the iCloud accounts of several celebrities compromised due to weak passwords.

CEO Tim Cook has promised to improve iCloud security by increasing awareness around Apple's security features like two-factor authentication as well as a sending out email notifications whenever a device is restored, an account is accessed or a password change is attempted.

Popular Stories

imac video apple feature

Apple Unveils Two New Products

Monday March 2, 2026 7:49 am PST by
Apple today introduced two new devices, including the iPhone 17e and an updated iPad Air. iPhone 17e features the same overall design as the iPhone 16e, but it gains Apple's A19 chip, MagSafe for magnetic wireless charging and magnetic accessories, Apple's second-generation C1X modem for faster 5G, and a doubled 256GB of base storage. In the U.S., the iPhone 17e starts at $599, just like the ...
Read Full Article
Apple iPhone 17e feature

Apple Announces iPhone 17e With A19 Chip, MagSafe, and More

Monday March 2, 2026 6:07 am PST by
Apple today announced the iPhone 17e, featuring the A19 chip, MagSafe connectivity, faster charging, and more. The iPhone 17e contains the A19 chip introduced in iPhone 17. It features a 6-core GPU and a 4-core GPU. Apple pointed out that this makes it up to 2x faster than the iPhone 11. The new 16-core Neural Engine is optimized for large generative models. The iPhone 17e also contains...
Read Full Article212 comments
iPad Air M4 Chip 1

Apple Unveils iPad Air With M4 Chip, Increased RAM, Wi-Fi 7, and More

Monday March 2, 2026 6:05 am PST by
Apple today introduced a new iPad Air, with key upgrades including Apple's M4 chip for faster performance, an increased 12GB of RAM, Apple's N1 wireless networking chip with Wi-Fi 7 support, and Apple's custom C1X modem in cellular models. The new iPad Air has the same overall design as the previous-generation model, which is equipped with the M3 chip, 8GB of RAM, and Wi-Fi 6E support....
Read Full Article186 comments

Top Rated Comments

N
nikicampos
149 months ago
A ridiculous bandaid fix for their apparently weak password reset system. Three security questions, and anyone gets in without a verification email. So you have to bother with this annoying double authentication system. I might as well just make my security answers random codes themselves rather than dealing with this.

I remember Gmail somehow not working properly with third-party mail clients after they messed with their authentication system like this. I was too lazy to negotiate with it and switched to iCloud email as my "anonymous/internet" account.
People complain about eeeeverything!!!!! :rolleyes:
Score: 18 Votes (Like | Disagree)
D
droppingbasses
149 months ago
Had to Quickly Remind Myself...

When I read that email, I immediately though "Dammit that sounds so inconvenient" but I took a few steps back and realized how helpful that will be. I appreciate Apple's multiple levels of security:apple::cool:
Score: 10 Votes (Like | Disagree)
N
nikicampos
149 months ago
Yeah, I should. On computers, everything has to work (1 - 10^(-9000))*100% of the time.

Oh kid, welcome to life, if there's something that doesn't work at 100% all the time are computers, you are going to have a bad life thinking computers should work (1 - 10^(-9000))*100% of the time.

Welcome to the real world, you can complain all you want, but technology has it flaws..
Score: 5 Votes (Like | Disagree)
F
fortysomegeek
149 months ago
A ridiculous bandaid fix for their apparently weak password reset system. Three security questions, and anyone gets in without a verification email. So you have to bother with this annoying double authentication system to avoid that... or provide bogus security answers. I might as well just make my security answers random codes themselves rather than dealing with this. My first pet was Aahs8y238899_!!3.

I remember Gmail randomly rejecting authentication from third-party mail clients after they messed with their authentication system like this. I was too lazy- er, I mean optimized to try and fix it and switched to iCloud email as my "anonymous/internet" account instead.

This is basically how gmail works because 3rd party apps have no cookie mechanism & challenge follow-up. You need app specific passwords.

Apple's implementation is exactly like Google except you have more trusted device than SMS.
Score: 4 Votes (Like | Disagree)
Futurix Avatar
Futurix
149 months ago
A ridiculous bandaid fix for their apparently weak password reset system.

This is an industry-wide and fairly secure solution, used by the likes of Google, Microsoft, and Yahoo.
Score: 3 Votes (Like | Disagree)
J
JLL
149 months ago
It's just very unclear who would use app-specific passwords and who wouldn't, how they would be used, and how they would benefit the user.

If you want third party apps to have access to your iCloud account (eg. Outlook), you create a specific password for Outlook to use.

The app does not know your real iCloud password, and you can revoke the app specific password if you want to.
Score: 3 Votes (Like | Disagree)
Read All Comments