I was investigating how I can improve the security of my iCloud account.
Can I do the same for my iCloud account in Outlook?
Apple also offers support for Two-Step Verification for iCloud when you have it enabled for your Apple ID.
If you haven’t enabled it already, enabling Two-Step Authentication for your Apple ID and iCloud is a good thing. However, enabling it means that you need to generate an App Password for use in Outlook as Outlook does not (yet) provide native support for Two-Step Verification.
Step 1: Enable Two-Step Verification
First, enable Two-Step Verification for your Apple ID account:
- Logon to the Apple ID website. This can be done by visiting:
- In the section on the left, click on: Password and Security.
- You now may be required to answer your security questions if you previously configured them.
At the top, you’ll see a section about Two-Step Verification.
Click on the “Get Started…” link.
This direct link should also work.
Also note the sections “Security Questions” and “Select your birth date”. This is actually quite a security hole since most of the answers can be easily obtained from social media these days (and that is actually how the iCloud accounts of celebrities got compromised).
If you do not want to enable Two-step Verification or if you are in a geographic location for which Apple hasn’t implemented it, you might be off best with a very complex code word. This can also be a long string (at least 16 characters) of random characters. Enabling Two-step Verification will turn off this recovery method and you’ll get a Recovery Key instead.
Read the provided explanation and instructions and click on Continue.
- Read the summary of the changes that will be implemented and click on Continue.
- Read the warning about the implications of enabling Two-step Verification (yeah really, you need to confirm the change 3 times!) and click on Get Started.
If you hadn’t already, you’ll now need to configure the phone number of at least 1 trusted device which can receive SMS messages. This can be any phone and doesn’t have to be an iPhone. You’ll receive a verification code via SMS which you’ll need to fill out on the website.
You’ll get a Recovery Key which you’ll need to keep secure as that will be your last recovery method instead of the “Security Questions” or in case you are unable to receive an SMS message.
- Confirm your Recovery Key.
- Accept the conditions and click on the button: Enable two-step Verification
You’ll get a confirmation that Two-Step verification now has been enabled for your Apple ID.
Note: Depending on your recent account mutations, you might need to wait 3 days before you can complete the process of enabling Two-Step Verification. In that case, you can only complete the process until step 7. After these 3 days, you can restart the configuration process and complete the process.
Step 2: Reconfigure the iCloud Control Panel
Once Two-Step Verification is enabled, you’ll need to enter the verification code for the iCloud Control Panel as well. When you configure iCloud for the first time, you can simply login with your iCloud credentials and you’ll get prompted to enter the verification code.
You have the option to do this via a text message (SMS) to your configured phone or via the Recovery Key.
This is supported within iCloud Control Panel 3.1 or later.
iCloud Control Panel Two-Step Verification prompt.
Option 1: Two-Step Verification via a text message to your phone (SMS).
Option 2: Two-Step Verification via your Recovery Key.
iCloud Control Panel connected to iCloud via Two-Step Verification.
Step 3: Generate an app-specific password for iCloud IMAP in Outlook
Now that you have enabled Two-Step Verification for your iCloud account, you could start getting Send/Receive errors and/or password prompts in Outlook when you also have your iCloud IMAP account configured in Outlook.
A way to solve this would be to remove the iCloud IMAP account from Outlook, close Outlook and then (re)start the iCloud Control Panel to reconfigure the iCloud IMAP account again in Outlook. The downside of this method is that your entire mailbox will need to be redownloaded (synchronized) again. The iCloud Control Panel will automatically generate and use a special “App-specific password” to be used with the IMAP account.
Another way to go would be to generate this special “App-specific password” for Outlook yourself. This is also required when you decide to configure the iCloud IMAP account manually in Outlook or in another mail application which isn’t controlled by the iCloud Control Panel (like the Mail app in Windows or on your phone).
You can no longer use your current iCloud password to configure an application which doesn’t natively support the Two-Step Verification method of Apple.
On the Password and Security page, you’ll now find a “Generate an app-specific password” section where you can click on the “Generate an App-Specific Password” link.
- Enter a name to label this app-specific password to help you remember where you used it. For instance: Outlook.
- Note: Even though you labeled it, once generated, you won’t be able to go back and look up the password. It is just to keep a history and make it easier to revoke the password when needed.
- Click the Generate button.
Copy the obtained password code.
Note that the dashes are part of the app password.
- Go to Outlook and paste or type the obtained app password when being prompted for your password.
You can also do it directly via your Account Settings.
- Outlook 2003
Tools-> E-mail Accounts…-> Next-> double click on your iCloud account
- Outlook 2007
Tools-> Account Settings…-> double click on your iCloud account
- Outlook 2010, Outlook 2013 and Outlook 2016
File-> Account Settings-> Account Settings…-> double click on your iCloud account
- Outlook 2003
- Once you’ve updated your password, Outlook will be able to connect to iCloud again with Two-Step Verification enabled for your account.