iOS 14 was recently announced, and we know about the slew of new features that are coming to iPhones (and iPads) later this year. You’ve got an App Library, new widgets, and an interestingly fresh take on apps: App Clips. But Apple is also introducing a new security safeguard with iOS 14—enhanced password security for iCloud Keychain.
iCloud Keychain is essentially Apple’s password manager which keeps your passwords and credentials. When you login to certain sites on your Safari browser, Keychain auto-fills your information on approved devices.
But an added feature is coming to Keychain, according to 9to5Mac. Firstly, users will get notified if their chosen passwords are too “easy to guess”, or if the password is already commonly used. Patterns and sequences also trigger these security alerts.
Perhaps the most interesting aspect of this is the alert that notifies you if your passwords have been compromised in a data breach. The following message appears if you’ve chosen an offending password:
“This password has appeared in a data breach, which puts this account at high risk of compromise. You should change your password immediately.”
From what I can tell, the warning doesn’t actually mean that that specific account has been compromised (yet). Instead, the warning tells you if the password you’ve decided to go with is one that has already been breached—possibly via another account. As such, if you receive such a notification, be sure to change passwords on any other accounts that use the same credentials.
The new feature will be arriving with iOS 14 and iPadOS 14, while we should also see the same functionality on Mac computers soon via macOS Big Sur. This is what Apple has to say about it, according to 9to5Mac:
“Safari securely monitors your saved passwords, automatically keeping an eye out for passwords that may have been involved in a data breach. To do this, Safari uses strong cryptographic techniques to regularly check derivations of your passwords against a list of breached passwords in a secure and private way that doesn’t reveal your password information — even to Apple. If Safari discovers a breach, it can help you upgrade to Sign in with Apple when available, or automatically generate a new secure password.”
[ VIA ]