Learn how to do App-specific passwords

I would like to learn how to do App-specific passwords

I have apps in another developer that are important to me where I would need to use the App-specific passwords

iPhone 14 Plus, iOS 17

Posted on Feb 3, 2024 10:28 PM

Reply
Question marked as Top-ranking reply

Posted on Feb 4, 2024 8:48 AM

If you didn’t intend to ask this in developer forum and aren’t looking to implement your own password authentication scheme and are looking for the steps needed for generating an app-specific password for your Apple ID, start here:

Using app-specific passwords - Apple Support


Otherwise, I’ll assume you are seeking to understand and implement app-specific passwords in your own app service or server.


App-Specific passwords aren’t all that different from standard passwords, they’re a way to have the same username have different passwords for different network protocols, and usually (always?) without requiring two-factor authentication. Rather than having one password for all, one password is available for each (usually IP port, or group of related IP ports, or some other designation) app, and the password access permitted can potentially be subset. They’re not a great approach for improving password security, require manual cut-and-paste, though they are better than one potentially weaker password for multiple connections, and they do avoid requiring two-factor in a context that may not be able to verify that second factor. If rolling your own authentication implementation, your password authenticator service will need a parameter added allowing the service to select which password hash be compared against the saved hash, or the service itself added into the hash.


Or… If this is about signing apps using an organization’s Apple ID, see the related parameters available on notarytool.


These days, I’d suggest implementing OAuth or passkeys for your authentication: Passkeys Overview - Apple Developer



3 replies
Question marked as Top-ranking reply

Feb 4, 2024 8:48 AM in response to oneita49

If you didn’t intend to ask this in developer forum and aren’t looking to implement your own password authentication scheme and are looking for the steps needed for generating an app-specific password for your Apple ID, start here:

Using app-specific passwords - Apple Support


Otherwise, I’ll assume you are seeking to understand and implement app-specific passwords in your own app service or server.


App-Specific passwords aren’t all that different from standard passwords, they’re a way to have the same username have different passwords for different network protocols, and usually (always?) without requiring two-factor authentication. Rather than having one password for all, one password is available for each (usually IP port, or group of related IP ports, or some other designation) app, and the password access permitted can potentially be subset. They’re not a great approach for improving password security, require manual cut-and-paste, though they are better than one potentially weaker password for multiple connections, and they do avoid requiring two-factor in a context that may not be able to verify that second factor. If rolling your own authentication implementation, your password authenticator service will need a parameter added allowing the service to select which password hash be compared against the saved hash, or the service itself added into the hash.


Or… If this is about signing apps using an organization’s Apple ID, see the related parameters available on notarytool.


These days, I’d suggest implementing OAuth or passkeys for your authentication: Passkeys Overview - Apple Developer



Feb 4, 2024 9:25 PM in response to oneita49

This is very hard to navigate using App-specific passwords. I would bypass this if I could, but the develper I left behind have emails I need pertaining to my health. There are medical portals, pharmacies, & other options. Wien you have so many steps, people like myself are new to Apple are going to make mistakes. I’m afraid the community will not be able help with this.

Feb 5, 2024 5:42 AM in response to oneita49

The developer you left behind has email messages you need pertaining to your health? This is an unusual situation and an unusual app.


This—whatever you’re asking about, which is not at all clear to me—seems an app development and design issue, as user authentication is largely if not entirely within the purview of the app developer.


Apple does have some authentication limits and requirements with the use of iCloud, if the app is to be permitted to access other of the user’s private data. Mail, for instance. Access to which would be unusual for a healthcare-related app, too. Same for accessing other portals and other repositories distinct from those of this app.


Apple’s preferred interface into this data are what are effectively plug-ins for and servers linked with the Apple Health app, as well as vendor-specific apps such as Epic’s MyChart. The backend apps here are enormous, and are extensively customized, as well. And yes, healthcare systems and here particularly including those in the US are a thicket of incompatible silos of data, too.

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Learn how to do App-specific passwords

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.