Application passwords for external programs
When using Two-Factor Authentication (2FA) for your account, you must create and use a corresponding Application Password in order to access your calendar, contacts, or Drive data with external apps. Without Two-Factor Authentication (2FA), Application Passwords are optional.
What are Application Passwords?
Application Passwords are an important security feature. You can set them individually for each app you use and revoke them at any time if misuse is suspected. By using Application Passwords, you prevent the account’s main password from being used and transmitted by the respective app.
Application Passwords are required for all external applications that cannot handle Login 2.0 or Two-Factor Authentication – for example, classic mail clients or synchronization apps for calendars and contacts. They allow specifically secured access to services such as IMAP, SMTP, CalDAV, CardDAV, or WebDAV, without the need to use the main password.
Each Application Password is restricted to the respective app. You can use multiple passwords in parallel, for example, for different devices or services. In the event of a compromised access, each password can be deleted individually without endangering access to the entire account.
We recommend securing the generated access in a Keepass!
Important:
- Application Passwords do not work for web login.
- Once 2FA is active, classic logins in third-party programs only work with an Application Password.
- You can find all assigned App Passwords under All settings | Security | Application Passwords and manage or revoke them there.
Step-by-step: Create predefined Application Passwords
Figure 1: Navigate to Security in the mailbox settings under All settings.
Figure 2: Click Application Passwords and select your application.
Figure 3: You will automatically receive a list of the stored Application Passwords.
Step-by-step setup guide
How to set up an Application Password with predefined permissions:
- Log in to mailbox.
- Navigate to the menu item Application Passwords: All settings | Security | Application Passwords
- Add a new Application Password and choose a predefined configuration, e.g.:
- Calendar and address book client (CalDAV/CardDAV)
- WebDAV Client
- Drive Sync App
- Exchange ActiveSync
- Assign a meaningful label (e.g., “Thunderbird Mail” or “DAVx5 Calendar”).
- Generate and save the password:
- Write down the generated password immediately, as it will not be shown again.
- Click + Add new password.
- Use the Application Password in the respective app instead of your main password.