Apple has begun sending email reminders to iCloud users that a new security related requirement of app-specific passwords for third-party software that accesses iCloud data goes into effect on Thursday.
The reminder is being sent to users who have two-step Apple ID verification enabled on their account. Any third-party apps not switched over to the new process by Thursday will be automatically signed out until a unique password is generated for use with that app.
Apple originally intended to switch on the new requirement on October 1st. No reason was given for the move to the later date.
If a user is running a third-party app, such as a third-party email client, or contact and calendar syncing service, they will need to visit the Apple ID website to generate a specific password for each app. The app-specific password will work even if the app in question doesn’t support two-factor authentication.
To generate an app-specific password:
- Sign in to My Apple ID (https://appleid.apple.com)
- Go to Password & Security
- Click Generate App-Specific Password
Apple has also supplied a link to a Support Pages document that explains the extra layer of security, and how it protects iCloud data, in more detail.
While Apple’s system allows only 25 unique passwords, users can add, delete, and manage app priorities via the Apple ID website.