Apple asks users to lock down iCloud-enabled apps with a password of their own, for an added layer of security

Oct 9, 2014 17:05 GMT  ·  By

Delayed by more than one week for unknown reasons, the app-specific password feature announced by Apple is finally rolling out.

Apple ID holders who have two-factor authentication turned on will be able to set passwords for each and every iCloud-enabled app that they use.

Locking down third-party apps with individual passwords

The company is targeting Apple device owners who rely on iCloud when working with various third-party apps to save their work in the cloud. These apps can be anything from productivity tools like Microsoft Office to creative software such as SketchBook Pro.

In a Support document last updated on October 1, Apple explains that “If you use iCloud with any third party apps (such as Microsoft Outlook, Mozilla Thunderbird, or BusyCal) you can generate app-specific passwords that allow you to sign in securely, even if the app you're using doesn't support two-step verification.”

The Mac maker continues, saying, “Using an app-specific password also ensures that your primary Apple ID password isn't collected or stored by any third party apps you might use.”

The initial plan was to require app-specific passwords starting October 1. For one reason or another, the initiative has been pushed to this week.

How to create and set app-specific passwords

Apple has users covered here as well. The company breaks down the steps as follows:

“1. Go to My Apple ID. 2. Select Manage your Apple ID and sign in. 3. Select Password and Security. 4. Click Generate an App-Specific Password and follow the steps on your screen. After you generate your app-specific password, enter or paste it into the password field of the third party app as you would normally.”

Users will be able to manage up to 25 app-specific passwords. In case they find a new app that they want to lock down with a password, they can just free up a slot by revoking an existing one.

The steps to do that are nearly identical to the ones above, only when you get to the fourth action you need to select View History, then select Revoke next to any password of your choosing.

Apple explains that “After you revoke a password, the app using that password will be signed out of iCloud until you generate a new password and sign in again.”

The company will automatically revoke all of your app-specific passwords if you change or reset your primary Apple ID password, which sounds like a drag, but it’s just another way to protect your security.