With Two-Step Authentication active on your WordPress.com account, you can generate a custom password for specific third-party applications you wish to authorize. This guide will show you how to generate a new password for third-party apps accessing your account.
There may be some apps that connect to your WordPress.com account that don’t yet fully support two-step authentication. The most common are Jabber apps used to subscribe to WordPress.com blogs.
You can generate unique passwords for these apps (e.g., you can have a different password on your phone and tablet). You can then disable individual passwords and lock applications out of your account to prevent others from accessing your sites.
To generate application-specific passwords, take the following steps
- Click on your profile at https://wordpress.com/me.
- On the side, select the Security menu option.
- Select “Two-Step Authentication,” which must be enabled.
- Scroll down to the “Application passwords” section.
- Click the “Add new application password” button.
- Give the application a name—you’re the only one who will see this name, so call it whatever you’d like—and click the “Generate Password” button.
WordPress.com will create a unique 16-character password that you can copy and paste the next time you log in to your account on that device. The application will remember this password so you don’t need to.
The “Application passwords” section of your Two-Step Authentication page will maintain a list of all the applications for which you’ve generated passwords.
If any of your devices are lost or stolen, or you wish to revoke access for a particular application, you can visit this page at any time and click “X” to disable the password and prevent the app from accessing your account: