Setup Guide

How to Create App-Specific Passwords

Name: Cloudbreak
Rating: 5 (1 reviews)

App-specific passwords are the most secure way to connect third-party apps like Cloudbreak to your email account via IMAP — without exposing your main password.

What is an app-specific password?

An app-specific password is a unique, randomly generated password that you create specifically for a single app. It lets that app access your email account without ever knowing your real password.

This is the recommended way to connect Cloudbreak (or any IMAP client) to your email — it's more secure than using your main password because:

Each app gets its own isolated password
You can revoke access for a single app without changing your main password
Your real password is never stored by the third-party app
App passwords can't be used to sign in to your account on the web

Most providers require two-factor authentication (2FA) to be enabled before you can create app-specific passwords. If you haven't enabled 2FA yet, you'll need to do that first.

Note for Gmail users: Cloudbreak also supports Google OAuth (Sign in with Google), which doesn't require an app-specific password. But if you prefer not to use OAuth or your organization restricts it, an app password is the next best option.

Google / Gmail

Requires: Two-factor authentication enabled

Enable 2-Step Verification (if you haven't already):
Go to myaccount.google.com/security and under "How you sign in to Google", make sure 2-Step Verification is turned on.
Open the App Passwords page:
Go to myaccount.google.com/apppasswords. You may be asked to sign in again.
Create a new app password:
Enter a name (e.g. "Cloudbreak") and click Create.
Copy the password:
Google will display a 16-character password. Copy it — you won't be able to see it again.
Paste it into Cloudbreak:
When adding your Gmail account in Cloudbreak, use your Gmail address as the username and paste the app password as the password.

Google's official guide to app passwords →

Microsoft / Outlook

Requires: Two-step verification enabled

Enable two-step verification (if you haven't already):
Go to account.live.com/proofs/manage and turn on two-step verification.
Go to Advanced security options:
On the same security page, scroll down to the App passwords section.
Create a new app password:
Click Create a new app password. Microsoft will generate a 16-character password.
Copy the password:
Copy the generated password immediately — it won't be shown again.
Paste it into Cloudbreak:
Use your Outlook/Hotmail address as the username and the app password as the password.

Microsoft's official guide to app passwords →

Microsoft 365 / Work accounts: If your organization uses Microsoft 365, app passwords may be managed by your IT admin. Check with them if you don't see the option in your security settings.

Apple / iCloud

Requires: Two-factor authentication enabled

Sign in to your Apple Account:
Go to account.apple.com and sign in.
Navigate to App-Specific Passwords:
In the Sign-In and Security section, click App-Specific Passwords.
Generate a password:
Click the + button or Generate an app-specific password. Enter a label (e.g. "Cloudbreak").
Copy the password:
Apple will display the generated password. Copy it before closing the dialog.
Paste it into Cloudbreak:
Use your iCloud email address (or Apple ID email) as the username and the app-specific password as the password.

Apple's official guide to app-specific passwords →

Good to know: If you change or reset your Apple ID password, all your app-specific passwords are automatically revoked. You'll need to generate new ones.

Yahoo Mail

Requires: Two-step verification enabled

Go to your Account Security page:
Sign in to Yahoo, then go to Account Info → Account Security.
Create an app password:
Under "External connections", click Create app password.
Name the password:
Enter "Cloudbreak" in the app name field, then click Generate password.
Copy the password:
Copy the generated password and click Done.
Paste it into Cloudbreak:
Use your Yahoo email address as the username and the app password as the password.

Yahoo's official guide to app passwords →

Fastmail

No 2FA requirement (but recommended)

Open Fastmail settings:
Sign in to Fastmail, then go to Settings → Privacy & Security.
Manage app passwords:
Find the Connected apps & API tokens section and click Manage app passwords and access.
Create a new app password:
Click New app password. You may need to verify your identity.
Name and configure access:
Enter "Cloudbreak" as the name. For access, select Mail (IMAP/POP/SMTP) — Cloudbreak only needs mail access.
Copy and use:
Copy the generated password and paste it into Cloudbreak when adding your Fastmail account.

Fastmail's official guide to app passwords →

Proton Mail

Requires: Proton Mail Bridge (paid plan required)

Proton Mail works differently from other providers. Because Proton encrypts all your email end-to-end, standard IMAP access isn't available. Instead, you need to use Proton Mail Bridge — a desktop app that runs locally and provides IMAP/SMTP access to your encrypted mailbox.

Download Proton Mail Bridge:
Go to proton.me/mail/bridge and download the macOS version. A paid Proton plan is required.
Sign in to Bridge:
Open Proton Mail Bridge and sign in with your Proton account.
Copy the Bridge password:
Bridge will generate a unique password for your account. This is not your Proton login password — it's a Bridge-specific password that never leaves your computer.
Use Bridge credentials in Cloudbreak:
When adding your account in Cloudbreak, use the IMAP server 127.0.0.1, port 1143, and the Bridge-generated password.

Proton's official Bridge setup guide →

Important: Proton Mail Bridge must be running in the background for Cloudbreak to access your Proton mailbox. Your Proton login password will not work — always use the Bridge-generated password.

Posteo

No app-specific password needed

Posteo doesn't use app-specific passwords. You connect using your regular Posteo password over an encrypted connection. Posteo secures all IMAP/SMTP connections with TLS encryption and Perfect Forward Secrecy.

Just use your Posteo credentials:
When adding your account in Cloudbreak, enter your full Posteo email address (e.g. you@posteo.de) and your regular Posteo password.
IMAP settings (if needed):
Server: posteo.de, Port: 993, Encryption: SSL/TLS.

Tip: While Posteo doesn't offer app-specific passwords, we recommend using a strong, unique password for your Posteo account and enabling two-factor authentication in your Posteo settings for additional security.

Other Email Providers

Most email providers that support IMAP will work with Cloudbreak. If your provider isn't listed above, check their help documentation for "app-specific password" or "app password" — the process is usually similar:

Enable two-factor authentication
Find the app passwords section in your account security settings
Generate a new password and label it "Cloudbreak"
Use that password when adding your account in Cloudbreak

If your provider doesn't support app-specific passwords, you can use your regular password — Cloudbreak stores all credentials securely in the macOS Keychain.

Troubleshooting

My app password isn't working

Make sure you copied the entire password without extra spaces
Check that 2FA is fully enabled (some providers require completing setup first)
Try generating a new app password — the old one may have expired
For Google: make sure you're not enrolled in the Advanced Protection Program, which disables app passwords

I don't see the app passwords option

You likely need to enable two-factor authentication first
For work/school accounts, your organization may have disabled app passwords — check with your IT admin

I want to revoke Cloudbreak's access

Simply delete the app password you created for Cloudbreak in your email provider's security settings. Cloudbreak will no longer be able to access your account. No need to change your main password.

← Back to Cloudbreak