With the introduction of iOS 14, “Safety Recommendations” iPhone and iPad now automatically check passwords stored in Keychain Access. The system carried out similar work before, but at the same time, apparently simple and popular combinations were questioned. Now, iOS detects among them those that could become known to cybercriminals. This function allows the user to change the weak password in time and thereby protect their data.
♥ ON TOPIC: IPhone geolocation settings: what do they affect and which ones can be turned off to save battery power?
Users often use the same passwords to access various services, or choose simple combinations that are easy to guess. Hacking one account puts all others at risk. The origin of this habit is understandable – when there were no tools for storing passwords, you had to rely only on your own memory.
♥ ON TOPIC: How to add a voice notification when iPhone or iPad is charging.
How to check your password for security using the stolen password database in iOS?
Forced password verification for security is enabled in the system once. After activating the function, the system, already in passive mode, will analyze passwords without user intervention. He will only need to respond in case of unreliability of the combination used – to replace it with a new, more complex one. And even with this, iOS will help by offering to create a password that will be difficult to quickly guess. Here’s what you need to do for this.
1. Go to Settings → Passwords…
2. Confirm entry to this section using your fingerprint or face scan, go to the section “Safety recommendations“.
3. Activate the switch “Reveal stolen passwords»And just wait for the list of potentially compromised passwords to appear.
4. When you click on the problematic password, you will be presented with detailed information about the suspicion of it.
5. Click on the “Change the password on the website»And go to your account on the website that opens.
6. Change the profile password by noting the Safari browser comments about its strength, or by choosing the strong password suggested by the system. You don’t have to remember it – it will remain in iCloud Keychain and will be automatically entered across all your Apple devices.
7. After confirming the replacement, you need to make sure that your account is no longer listed as unprotected in the “Settings”.
♥ ON TOPIC: Themes for iPhone (new icons): how to change, where to download, how to make money on it…
How does Apple know your password has been compromised?
According to Apple, for such a password check, iOS uses information from specialized resources. They are not officially named, but there are not many of them. One of the most famous of these bases is called Have I Been Pwned. The creators of this resource publish the credentials of already hacked accounts, information about which was found both on open sites and on the darknet. You just need to enter your username or password on the site, and information will immediately appear about their reliability or popularity to strangers. True, apart from the fact of the leak, nothing else can be learned – the credentials are not stored in ready-made and open form. It is likely that Apple gets information about the weakness of your password from this resource.
But do not rush to get upset when you receive disappointing news. The fact that your password is flagged as unreliable by iOS does not mean that your account has been compromised. It is likely that someone else was using this password, and it was his account that was revealed. However, it should be understood that if this data has already ended up in the password database, then the combination will most likely be used by cybercriminals when guessing passwords using tools such as GrayShift or Cellebrite. That is why iOS recommends changing credentials – in matters of security, there can be no unnecessary caution.