Apple has increased security for accounts used by users to prevent unwanted and unauthorized access by third parties to all of their information. The company trusts Apple ID in all its software and services, but third-party applications can gain access to only three types of data: email, contacts and events.
Apple requires a mobile device or desktop connected to the web and native – on iOS, Android, Windows, macOS and others – who want to use any of these three types of data to use a special type of access. You create the so-called application-specific password for each software to which you want to grant access.
Google and other ecosystems offer a similar approach to reduce the opportunity for unwanted exploitation. Apple allows this password to be used for email, contacts and events; some other systems require you to block it on one of these three services or even on a task as specific as ?retrieving emails?.
To create an Apple ID specific password within other applications, follow these steps:
- Log in to your Apple ID account in a web browser at appleid.apple.com. You can only create and manage these passwords on the website.
- In the Security section, click Generate Password.
- Enter a code to remind you why you created the password and click Create.
- The website creates a password that you can write down or select and copy. click in Done.
- In the application you're using, enter your email address with your Apple ID and password. No additional steps are necessary.
You can create up to 25 passwords specific to the applications you use. While Apple recommends that you create a specific password for each service or website, you can reuse them.
The application-specific password utility allows you to revoke them without resetting your account.
- Log in to the Apple ID website.
- click in To edit, right of the Security section.
- to the right of the application-specific password generation link, click Show history.
- The website displays a list of passwords and when they were created. Click the X to the right of the list and click Revoke to remove it. You can also click Revoke all to deny access to all third party applications if you believe something has been compromised.
Treat these application-specific passwords with the same kind of care with your main iCloud password. Someone who gains access to your email can generally use it as a starting point for accessing other parts of your account, such as sending password reset requests to the iCloud email address for other services, receiving login codes second factor for financial institutions or confirming transactions via email.