I'd like to understand a bit more about the rationale for app passwords in the context of my use case.
I have a number of BitBucket repositories which I occasionally wish to interact with on random/unknown/guest machines. Currently, I can just use the HTTPS interface and type in my usual password (from memory).
Now that this has been deprecated, I am forced to use an app password which is not remotely memorable, so I am forced to store it in plaintext, and then copy and paste/print it for use on a remote machine. This obviously does not improve security at all, unless I generate a new one for each machine which is just annoying.
Why must the app passwords be auto-generated gibberish? Is there a reason I am unaware of which means it is a bad idea to have a facility to generate our own?