Apple ID

How to generate app-specific passwords

Christian Zibreg ∙ Updated July 6, 2018

Apps designed to use iCloud Drive for syncing data between devices “just work”. On the other hand, those that don’t natively support Apple's secure Two-Factor Authentication system may ask for your Apple ID password to access data stored in your iCloud account.

For instance, Fantastical for Mac may require your Apple ID user name and password to import your iCloud calendars. And what if you'd like to use your iCloud email account in apps like Spark or Airmail, but don't want to expose your Apple ID credentials to the app?

Given that asking for the user's iCloud password poses a dangerous attack vector, Apple now mandates that all native apps use app-specific passwords to access user data stored in iCloud.

The change goes into effect on June 15, 2017.

To ensure worry-free experience, you can use an app-specific password to sign in to an app or service not provided by Apple, without ever typing your Apple ID password.

In this step-by-step tutorial, you will learn how to create an app-specific password for any native app that wants to access your personal data stored in iCloud, revoke all of your generated passwords one by one or all at once, and more.

About app-specific passwords

Security is paramount.

Protecting your Apple ID account against hackers and nefarious users by turning on Apple's older Two-Step Verification system or the modern, more secure Two-Step Verification also entails using app-specific passwords for any web apps, online services and apps that don’t natively support entering verification codes.

TUTORIAL: How to protect your Apple ID with Two-Factor Authentication

App-specific passwords maintain “a high level of security and ensure that your primary Apple ID password won’t be collected or stored by any third-party apps you might use,” notes Apple.

You can have up to 25 active app-specific passwords at any given time. If you need to, you can revoke passwords individually or all at once.

How to generate app-specific passwords

1) Sign in to your Apple ID account page at appleid.apple.com/account/home.

2) In the Security section, click Generate Password below App-Specific Passwords.

3) Type a password label into the text field, then click Create to generate a random password. The password label helps distinguish one app-specific password from another.

I'll create an app-specific password for Fantastical and name it “Fantastical for Mac”.

4) Click Done to finish creating the password.

5) Now paste the password into the password field of the app as you would normally.

Again, I'm a Fantastical believer so I'm going to type the generated password into Fantastical.

Using an app-specific password ensures that Fantastical is able to access my iCloud calendar and gives me a piece of mind knowing I don't have to worry about the security of my Apple ID.

As a reminder, you can have up to 25 active app-specific passwords at any given time. Keep in mind that each app-specific password is case-sensitive and only works in one app.

How to revoke app-specific passwords

You can revoke app-specific passwords individually or all at once. Revoking an app-specific password stops the app from accessing data in your iCloud account.

1) Sign in to your Apple ID account page at appleid.apple.com/account/home.

2) In the Security section, click Edit.

3) In the App Specific Passwords section, click View History.

4) You can now revoke an individual password or all passwords at once:

Revoke individual passwords—To revoke an individual password, click the “x” next to a password you'd like to delete, then click Revoke. Revoke all passwords at once—To revoke all the app-specific passwords you've generated thus far, click Revoke All.

“After you revoke a password, the app using that password will be signed out of your account until you generate a new password and sign in again,” notes Apple.

Be sure to generate new app-specific passwords for any apps that don't support entering verification codes because, for the sake of your own security, all of your app-specific passwords are auto-revoked any time you update or reset your primary Apple ID password.

Need help? Ask iDB!

If you like this how-to, pass it along to your support folks and leave a comment below.

Got stuck? Not sure how to do certain things on your Apple device? Let us know at help@iDownloadBlog.com and a future tutorial might provide a solution.

Submit your how-to suggestions via tips@iDownloadBlog.com.

How to have the Music app only show songs stored on your device

Steffen Reich ∙ Updated November 26, 2023

Thanks to the introduction of goodies like the iCloud Music Library and more recently Apple Music, your Music app on iPhone and iPad has not only turned from a luscious red color into a plain icon, but has also become decidedly more convoluted.

The main change since the coming of the cloud-based additions to the Music app? Songs no longer have to be stored locally on your device in order to be visible and playable. In case you haven’t yet found the trick hiding in plain sight to only play the songs downloaded to your device (and prevent exorbitant data charges), let’s fill you in now!

Apple responds to ransom threat: iCloud, Apple ID and other systems have not been breached

Christian Zibreg ∙ March 23, 2017

Yesterday, a hacker group known as “Turkish Crime Family” told Motherboard it had obtained access to hundreds of millions iCloud and Apple ID accounts. They've threatened to reset passwords and remotely wipe Apple devices of all their data, including photos, videos and messages, unless the company pays a ransom of either $75,000 in the Bitcoin/Ethereum cryptocurrencies or $100,000 in iTunes Gift Cards, by April 7. Today, Apple denied the hacking claims, telling Forbes that iCloud, Apple ID and other systems haven't been hacked into directly.

StoreSwitcher lets you easily switch between App Store accounts

Anthony Bouchard ∙ March 12, 2017

If you have more than one Apple ID associated with your iPhone for downloading apps from the App Store, then having a way to switch between your accounts more easily might be at the top of your wish list.

A new jailbreak tweak called StoreSwitcher by iOS developer Ori Kadosh is a new release that was designed with these kinds of people in mind.

How to deauthorize computers from your Apple ID

Anthony Bouchard ∙ Updated January 2, 2024

You can only authorize up to five computers with your Apple ID to play your iTunes Store purchases. In this tutorial, we will share how to deauthorize a computer from your Apple ID so you can authorize new Macs or Windows PC.

How to set up Two-Factor Authentication for your Apple ID

Christian Zibreg ∙ Updated December 25, 2018

Two-Factor Authentication strengthens the security of your Apple ID by preventing anyone from accessing or using it, even if they know your password. With Two-Factor Authentication, one of your trusted devices generates a one-time code when you make a purchase or sign in to your Apple ID, iCloud, iCloud.com, iMessage, FaceTime or Game Center account on a new device. Two-Factor Authentication is also required for Auto Unlock so you can unlock your Mac by wearing an Apple Watch.

In this tutorial we'll show you how to protect your Apple ID with Two-Factor Authentication or, if you're still using the older and less secure Two-Step Verification, upgrade to Two-Factor Authentication.

Pangu creates official Reddit account, tweets public statement on recent hack claims

Anthony Bouchard ∙ July 31, 2016

Pangu was recently subjected to trust issues after a thread made it to Reddit claiming that some users had unauthorized charges from Beijing on their PayPal account after jailbreaking, others had their Facebook account show login attempts from various Asian countries, but mostly from China.

Despite all of the confusion, Pangu has made an official statement, and we have the scoop.

Do you have unfinished Mac App Store downloads? Here’s how to check

Anthony Bouchard ∙ July 18, 2016

Do you have any Mac App Store apps stuck in cyberspace that you don't even know about?

That's a trick question... how are you going to know if you don't check?

In this tutorial, we'll show you how you can check to see if there are any downloads waiting to be completed in the Mac App Store on your Mac.

Spark for iPhone is locking some people out of their Apple IDs, Readdle blames server issues

Christian Zibreg ∙ Updated October 13, 2018

Reports surfaced yesterday on Reddit that some users of Readdle's excellent free mobile email client, Spark for iPhone, got locked out of their Apple ID account. Some of the affected people were able to re-gain access by performing a password reset on their Apple ID. It would appear that an error on Spark's servers has caused this behavior though Readdle assured customers that there was no breach or data leak.

Read this if you just switched Apple ID to download Pokémon Go

Christian Zibreg ∙ July 13, 2016

In less than a week, Pokémon Go has become the biggest mobile game in the US history, however, the app is currently limited to App Stores in the United States, New Zealand, Australia and Germany.

Eager to get their hands on some pokémon, some of the tech-savvier international users have resorted to switching their Apple ID in order to download the game only to find their Apple Music libraries wiped as a result, reports The Telegraph.

Disable Mac App Store password prompts for 15 minutes after a purchase

Anthony Bouchard ∙ Updated April 15, 2021

Have you ever went on an app downloading spree in the Mac App Store only to find that it was going to ask for your password every time you wanted to download a paid app on your Mac?

If you're the only user on your Mac, then you probably don't want to or need to be bothered with having to enter your password each and every time.

Instead, macOS includes a feature that lets you disable password prompts for additional purchases for up to 15 minutes following your first Mac App Store purchase in a succession. We'll show you how to configure this feature in this tutorial.

It seems that iOS 10 beta 2 locks some people out of their Apple ID

Christian Zibreg ∙ July 7, 2016

Some folks with iOS 10 beta 2 installed on their iPhone are finding that they've been locked out of their Apple ID account, unable to perform a password reset. As per a new thread on Reddit, the problem seems to affect a portion of iOS 10 beta 2 users whose Apple ID account has been protected with Apple's two-step authentication system, which requires both a password and a one-time six-digit code when using iCloud on a new device.

We're posting this as convenience for those who have been affected. If you're seeing this, you probably don't need to worry about your Apple ID being hacked and unrecoverable, it's just a bug in iOS 10 beta 2.