I was forced into 2 factor-cauterization.
ok.. I'm the snarky one? Awkward typo?
The 2 screen shots you show contradict each other. One says 2FA is on, one says it's not.
That simply can't be true.
Where is the top screenshot from? What devices are you referring to? The implication was that you had only the Fire tablet. Why ask about generating anything from the Fire tablet if you had Apple devices and knew about app specific passwords and appleid.apple.com?
You said the above... I believe this demonstrates a lack of understanding about app specific passwords and how they work.
You stated an expectation for the Fire client to somehow make a request for a PIN number.
This indicates you do not understand app specific passwords at all.
Again, once generated and entered in the 3rd party mail client's password field, there is no further. involvement from Apple's 2FA process. There is no PIN. No request from the 3rd party client.
I do understand how it works, do you? Your snarky response generated this question.
Now your issue seems to be no ability to generate an app specific password. That was not mentioned in your initial screed.