Apple’s latest iOS makes it easier than ever to ensure your passwords are strong and secure
Passwords are increasingly gatekeepers to your most personal and vital information – to financial accounts, to online identities, and to a slew of services. It’s hugely important that your passwords are strong, secure, and varied.
Fortunately, iOS 12 is more robust than ever when it comes to creating, managing, and working with passwords. Our tips outline not only how you can get started making your passwords safer and stronger, but also how you can ensure this is maintained in the months and years to come.
Use strong passwords
When you’re signing up to a website, Safari will offer to create and store a strong password for you. This won’t be a memorable password, but you shouldn’t really be using passwords you can remember anyway, because they’re easier to crack.
What’s created is stored in iCloud Keychain, shared between all Apple devices signed into your Apple ID. This means the next time you sign-in, Safari will automatically enter the username and password for you. But as of iOS 12, things go a step further, because the operating system can create new strong passwords in app sign-up processes, which are also stored in iCloud Keychain.
Browse existing passwords
Sometimes, you will need to get at a password to manually note it down. To do this, open Settings, and go to Passwords & Accounts. Tap Website & App Passwords. You’ll then need to use Touch ID or Face ID to authenticate.
Tap any item in the scrolling list and you’ll see your username, password, and the website/service it relates to. Should you need to edit the password’s details for some reason (for example, if you elsewhere change it using a device not signed into your Apple ID), tap Edit and make your changes.
(Do note that any edits are only to information stored in iCloud Keychain, not what is stored on the service itself. To update a password there, you’ll need to do so on the relevant website. On making changes, iCloud Keychain should offer to update its records accordingly.)
Audit your passwords
When scrolling through the list mentioned in the previous step, you may see some entries that have warning signs (! within a triangle) to denote password reuse – in other words, a password used on multiple websites. This is a big security no-no, because if you use the same username/email address and password everywhere, someone only needs to hack one of your accounts to gain access to them all.
Tap any such item, and you’ll see the edit screen, but with a new option: Change Password on Website. This will take you to the relevant site to update things. Note, however, that this isn’t necessary in very specific and rare cases, where you have multiple entries for the same company.
For example, you would expect passwords for ebay.co.uk and ebay.com to be the same. You may also have sign-ins to various Apple sites, which will all use your Apple ID. But you should never be using, say, the same password for your Apple ID, eBay, Amazon, Google, and so on.
Find a password with Siri
If you want to more quickly get at a specific website or service’s password you already have stored in iCloud Keychain, ask Siri. If you ask for your Apple password, you’ll get the choice to head to apple.com or Settings.
Typically, though, when you ask for a password, there will be a quick bit of authorization via Face ID or Touch ID, and you’ll be sent to the list in Settings that we have already mentioned, with a search term already filtering the list to relevant items.
Integrate third-party password managers
You may be quite happy with iCloud Keychain for your password management needs. But if you want something more versatile, or that works across more platforms (such as Windows and Android), you may gravitate towards third-party password managers. As of iOS 12, they are now broadly equal partners.
In Passwords & Accounts, tap AutoFill Passwords, and tap the relevant services to add them to the list. When you’re signing into something, login details from these services will appear in the QuickType bar. Tap the key button and you’ll see the various options you can choose from. (This is useful if what’s stored in different password systems doesn’t match, and you need to quickly select an alternative.)
Auto copy two-factor SMS codes
Quite a few services offer two-factor authentication. This most commonly sends you an SMS (text message) with a multi-digit validation code, to prove it’s really you signing into an account. Previously, you had to memorize and manually type in that code, possibly bouncing between Messages and whatever app or website you were signing into.
In iOS 12, things are much simpler, because the code provided to you automatically becomes the recommended entry in the keyboard’s QuickType bar. All you need to do is tap to enter it into the relevant field. Easy!
Share passwords with an Apple TV
Entering passwords on Apple TV has never been fun. If you’re using the Siri remote, it’s an exercise in tedium. But even when using your iOS device, you’ll find yourself jumping between the password stored in Settings and the app you’re using for text input.
Now, autocomplete works between devices. In short, start signing into a tvOS app that uses a standard username/password login, and your iPhone or iPad should pipe up with an alert, offering to use it as a keyboard. At that point, you’ll get a similar autocomplete option as when signing into websites on your iPhone or iPad – only what you enter will be sent to your Apple TV.