Apple Begins Reminding Two-Factor Authentication Users About App-Specific Passwords

by

Apple has begun emailing iCloud users who have enabled two-factor authentication on their Apple IDs, reminding them that application specific passwords will be required when trying to access iCloud data on third party apps starting tomorrow.

Screen Shot 2014-10-08 at 8.13.42 PM
In addition to the email reminders, Apple last week published a new support document educating users on how to use app-specific passwords. While the feature was originally intended to require the feature on October 1, it's unclear why two-factor authentication users are being reminded of it a week later.

App-specific passwords are a new feature Apple introduced in mid-September, following the launch of two-factor authentication for accessing iCloud.com. The changes arrived after a hacking incident that saw the iCloud accounts of several celebrities compromised due to weak passwords.

CEO Tim Cook has promised to improve iCloud security by increasing awareness around Apple's security features like two-factor authentication as well as a sending out email notifications whenever a device is restored, an account is accessed or a password change is attempted.

Popular Stories

Apple Logo Zoomed

Tim Cook Teases Plans for Apple's Upcoming 50th Anniversary

Thursday February 5, 2026 12:54 pm PST by
Apple turns 50 this year, and its CEO Tim Cook has promised to celebrate the milestone. The big day falls on April 1, 2026. "I've been unusually reflective lately about Apple because we have been working on what do we do to mark this moment," Cook told employees today, according to Bloomberg's Mark Gurman. "When you really stop and pause and think about the last 50 years, it makes your heart ...
Read Full Article148 comments
wwdc sans text feature

Apple Rumored to Announce New Product on February 19

Thursday February 5, 2026 12:22 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report, citing industry sources, is available in English on Macworld. Apple announced the iPhone 16e on Wednesday, February 19 last year, so the iPhone 17e would be unveiled exactly one year later if this rumor is accurate. It is quite uncommon for Apple to unveil...
Read Full Article
Finder Siri Feature

Why Apple's iOS 26.4 Siri Upgrade Will Be Bigger Than Originally Promised

Friday February 6, 2026 3:06 pm PST by
In the iOS 26.4 update that's coming this spring, Apple will introduce a new version of Siri that's going to overhaul how we interact with the personal assistant and what it's able to do. The iOS 26.4 version of Siri won't work like ChatGPT or Claude, but it will rely on large language models (LLMs) and has been updated from the ground up. Upgraded Architecture The next-generation...
Read Full Article154 comments
iOS 26

iOS 26.3 and iOS 26.4 Will Add These New Features to Your iPhone

Tuesday February 3, 2026 7:47 am PST by
While the iOS 26.3 Release Candidate is now available ahead of a public release, the first iOS 26.4 beta is likely still at least a week away. Following beta testing, iOS 26.4 will likely be released to the general public in March or April. Below, we have recapped known or rumored iOS 26.3 and iOS 26.4 features so far. iOS 26.3 iPhone to Android Transfer Tool iOS 26.3 makes it easier...
Read Full Article37 comments
iphone 17 pro dark blue 1

iPhone 18 Pro Max Rumored to Deliver Next-Level Battery Life

Friday February 6, 2026 5:14 am PST by
The iPhone 18 Pro Max will feature a bigger battery for continued best-in-class battery life, according to a known Weibo leaker. Citing supply chain information, the Weibo user known as "Digital Chat Station" said that the iPhone 18 Pro Max will have a battery capacity of 5,100 to 5,200 mAh. Combined with the efficiency improvements of the A20 Pro chip, made with TSMC's 2nm process, the...
Read Full Article107 comments

Top Rated Comments

nikicampos Avatar
nikicampos
148 months ago
A ridiculous bandaid fix for their apparently weak password reset system. Three security questions, and anyone gets in without a verification email. So you have to bother with this annoying double authentication system. I might as well just make my security answers random codes themselves rather than dealing with this.

I remember Gmail somehow not working properly with third-party mail clients after they messed with their authentication system like this. I was too lazy to negotiate with it and switched to iCloud email as my "anonymous/internet" account.
People complain about eeeeverything!!!!! :rolleyes:
Score: 18 Votes (Like | Disagree)
droppingbasses Avatar
droppingbasses
148 months ago
Had to Quickly Remind Myself...

When I read that email, I immediately though "Dammit that sounds so inconvenient" but I took a few steps back and realized how helpful that will be. I appreciate Apple's multiple levels of security:apple::cool:
Score: 10 Votes (Like | Disagree)
nikicampos Avatar
nikicampos
148 months ago
Yeah, I should. On computers, everything has to work (1 - 10^(-9000))*100% of the time.

Oh kid, welcome to life, if there's something that doesn't work at 100% all the time are computers, you are going to have a bad life thinking computers should work (1 - 10^(-9000))*100% of the time.

Welcome to the real world, you can complain all you want, but technology has it flaws..
Score: 5 Votes (Like | Disagree)
fortysomegeek Avatar
fortysomegeek
148 months ago
A ridiculous bandaid fix for their apparently weak password reset system. Three security questions, and anyone gets in without a verification email. So you have to bother with this annoying double authentication system to avoid that... or provide bogus security answers. I might as well just make my security answers random codes themselves rather than dealing with this. My first pet was Aahs8y238899_!!3.

I remember Gmail randomly rejecting authentication from third-party mail clients after they messed with their authentication system like this. I was too lazy- er, I mean optimized to try and fix it and switched to iCloud email as my "anonymous/internet" account instead.

This is basically how gmail works because 3rd party apps have no cookie mechanism & challenge follow-up. You need app specific passwords.

Apple's implementation is exactly like Google except you have more trusted device than SMS.
Score: 4 Votes (Like | Disagree)
Futurix Avatar
Futurix
148 months ago
A ridiculous bandaid fix for their apparently weak password reset system.

This is an industry-wide and fairly secure solution, used by the likes of Google, Microsoft, and Yahoo.
Score: 3 Votes (Like | Disagree)
JLL Avatar
JLL
148 months ago
It's just very unclear who would use app-specific passwords and who wouldn't, how they would be used, and how they would benefit the user.

If you want third party apps to have access to your iCloud account (eg. Outlook), you create a specific password for Outlook to use.

The app does not know your real iCloud password, and you can revoke the app specific password if you want to.
Score: 3 Votes (Like | Disagree)
Read All Comments