An app-specific password is a unique, randomly generated password for a single app, such as the mail client on your phone. It can only be used in that app and can be revoked at any time by signing in with your master password. This article explains how app-specific passwords protect your account and how to create and remove them in webmail.
About app-specific passwords
App-specific passwords are separate from two-factor authentication (2FA) but provide an equally useful layer of security. Because each app uses its own password, you can revoke access for a single app, for example if you lose your phone, without changing the password everywhere else. If an app has a security vulnerability, only its app-specific password is exposed, keeping your master password safe.
You can create up to four app-specific passwords per email account.
Warning: An app-specific password is shown only once, on the screen where it is generated. Record it in the app or copy it somewhere safe. If you lose it, you must generate a new one.
Step 1: Create an app-specific password
- Sign in to your webmail.
- Select Settings from the sidebar.
- From the left menu, select Password.
- Under App password, click the plus sign (+) to get started.
- Enter a name for this password so you can identify the app it belongs to.
- Record the generated password in the app you want to use it with, or copy it somewhere safe.
Step 2: Remove an app-specific password
- Sign in to your webmail.
- Select Settings from the sidebar.
- From the left menu, select Password, then App Passwords.
- Under App password, click the minus sign (-) beside the password you want to remove.
- You can now create a new app-specific password if needed.
Next steps
Questions? Contact OpenSRS Support.
How helpful was this article?
Thanks for your feedback!
Do you still need help? If so please submit a request here.