MailMate + iCloud app-specific password

I am running the trial version of MailMate. In setting up my iCloud email account in the app, I am asked to use an “app-specific password” (two-factor authentication). Ok, no problem. I go to my apple id account and generate the password for my iCloud account, then enter it into MailMate. Everything works fine.

However, if I close the application then open it up the next day and try to send an email from my iCloud account, MailMate gives this message:


Even when I select “Save password in keychain” option, the error still occurs.

Any other MailMate users experiencing this problem?

Any ideas for a solution?

The pop-up referred to 2FA - if you have that enabled for iCloud mail you’ll need to create an app-specific password as noted.

If not I’d contact the developer, or check out the previous tickets (you can create one yourself if you don’t want to email the dev). Saw something similar from 2018 with a search.

1 Like

I think there are two issues here.

  1. When you setup an app password in Mailmate, you need to add it twice: once for incoming mail (IMAP), and once for outgoing (SMTP). That’s normal.

  2. However, if you are adding it and it is not working properly, I wonder if there is an issue with your keychain. I’d open “Keychain Access” and search for ‘’. Delete anything you find, then try sending mail again. You will be prompted for the app-specific password. Hopefully it will save properly this time,

I don’t really understand what app-specific passwords are all about. Could someone pleas explain it to me?

As a protective measure app-specific passwords ensure that your Apple ID isn’t compromised if you need to add your iCloud account to a third-party email, calendar, or contact manager app.

It’s been required for some types of apps since 2017

1 Like

So is it a Apple-unique thing?

Apple ID … iCloud account. I think the links I posted earlier fill in the details.

App-specific passwords aren’t unique to Apple or iCloud. There are several different ways of using/implementing them.

Here are some examples:

  1. Fastmail allows me to create app-specific passwords which only have access to some features. For example, I could create a password which would let an app send email but not receive it. Or I could create an app-specific password that would allow access to my contacts but not sending or receiving email.

  2. Some systems which use OAuth allow for app-specific passwords so that you can use apps that aren’t set up for OAuth. For example, you used to be able to create these for Gmail for mail apps that you wanted to use with your Gmail account. The same password would not allow someone to log into your Gmail account on the web, however.

  3. More and more commonly lately, systems which use 2FA allow you to create an app-specific password if your app does not support 2FA. This is how I can use my iCloud account in Fantastical, for example. Again, that password is not the same as my regular iCloud password, and would therefore not allow them to log in to any service which does support 2FA including or the App Store, etc.

Basically an app-specific password is a way to give limited, restricted access to an account for an all that lacks some feature(s) normally required for login, or to restrict feature sets to only some features.

I hope that’s helpful.


That’s a good, full explanation.

In the OPs case it’s a typical requirement for accessing iCloud data. The granularity in Fastmail’s login passwords is pretty interesting, and I didn’t know about it - I could see that being useful in an office for someone to access another’s email acount without being able to send from it. (Spoofing is another issue, of course.)

Thank you, @tjluoma. That was it.

Glad to hear it. I’ve run into the same thing myself, and it’s quite frustrating.