Apple is set to require app-specific passwords for third-party apps that connect with iCloud starting tomorrow, Oct. 9, as opposed to their previously announced Oct. 1 debut.
The company has begun sending notice regarding the forthcoming change via email to users who have enabled two-step verification for iCloud.
“This is a reminder that starting tomorrow, app-specific passwords will be required to access your iCloud data using third party apps such as Microsoft Outlook, Mozilla Thunderbird, or other mail, contacts, and calendar apps,” Apple says in the notice. “If you are currently signed in to a third party app using your primary Apple ID password, you will be signed out automatically when this change takes effect.”
To be able to sign in again, you have to generate an app-specific password for each iCloud-connected third-party app you’re using by logging in to My Apple ID and clicking Generate App-Specific Password under Password & Security. The generated app-specific password is to be entered or pasted into the app’s password field just like a normal password.
You can have up to 25 active app-specific passwords at a time, any or all of which you can revoke if necessary.
For more information, read Apple’s support document on using app-specific passwords.
Apple’s implementation of app-specific passwords comes as part of a series of additional privacy and security measures being carried out by the company in the wake of the so-called iCloud celebrity photo hacking incident.
See also: Apple launches new Web tool for checking status of Activation Lock on iOS devices, Apple knew of iCloud vulnerabilities that led to “Celebgate” since March 2014, and Apple launches campaign focused on user privacy with message from CEO Tim Cook.