iCloud Keychain's functionality continues to improve, rivaling dedicated third-party password managers, and one of its most valuable features is password monitoring.If you get a notification on your iPhone or iPad warning that one of your saved passwords is in a data breach, you've seen password monitoring in action.
So, you should understand how your iPhone detects a password leak and what to do when it alerts you to an account.
How your iPhone monitors your saved passwords
Password monitoring is a built-in feature of Apple's iCloud Keychain service, which stores and autofills account information on your Apple device.End-to-end encryption keeps your sensitive data from being discovered by anyone, including Apple.Unfortunately, your web accounts can sometimes experience data breaches beyond your control.This could result in your username and password being leaked in public data dumps.
Fortunately, iCloud Keychain's password monitoring feature can detect this happening and let you know.
According to Apple, your iPhone or iPad continuously checks the passwords you save in the Password AutoFill Keychain against a list of known leaked passwords.When one of your passcodes matches one found in a data breach, your iPhone will send you a notification titled "Password Exposed."It will also list the account on the Security Advice page in Settings.
This is a scary notification, but remember: it doesn't mean someone has gained access to one of your accounts, or even that someone is trying to log in.It just shows that your password is present in the data breach and, therefore, your account is vulnerable.
Furthermore, such a notification does not imply that there is a data leak from Apple.In practice, this means that you should change the password on the account in question immediately to prevent potential security issues in the future.
How secure is password monitoring?
The idea of your iPhone regularly sending passwords to Apple's servers might sound scary, but your iCloud Keychain is already stored there and encrypted end-to-end.The password monitoring process uses some additional encryption to share as little information as possible with Apple.
Some of the best iPhone password managers include similar features that can detect data leaks and weak passwords.Part of deciding which service to use -- or whether you should stick with Apple's free built-in option -- is determining which company you trust most to handle some of your most sensitive data.Of course, there are other features you should pay attention to when choosing a password manager.
How to see broken passwords and what to do with them
The easiest way to see vulnerable accounts is to tap the "Password Compromised" notification, which will open the "Security Recommendations" page of the Settings app.However, you can easily go there to check the compromised passcode on your iPhone at any time.Below is the method.
1. First, open the Settings app on your iPhone or iPad.
2. Then, tap Password in the list.
3. After that, you need to verify your identity with Face ID or Touch ID to proceed to the next page.
4. Once you are verified, you can go to the Passwords page and select Security Advice above the list of saved passwords.
At the top, you'll see a list of items marked with high priority -- this includes passwords your iPhone knows about that appear in data breaches.They are the account security you should focus on first."Other recommendations" at the bottom include reused and weak passwords that didn't appear in the leaked data but could be stronger or more secure.
How to Manage Broken Passwords in Keychain
If you want to change the password of a vulnerable account, follow these steps:
1. Open Settings and tap Password.You'll need to verify your identity with Touch ID or Face ID to get to the passcode page.
2. Then, tap Security Advice.
3. Select the account you want to change.
4. On the Account Details page, click Change Password on Website.
5. Your iPhone will open the relevant website, where you can log in by auto-filling your username and password.
6. Then, use the website's account management tool to change your password.Click the Use strong password option to accept the randomly generated password suggestion.You can create a strong password yourself, but this feature takes the guesswork out of you and saves it automatically.
Know when to change a leaked password
Broken password detection is a valuable feature of your iOS device's built-in keychain.It can help you spot weak and reused passwords and alert you when your data is potentially at risk.In addition to password monitoring, you should also consider setting up an account recovery key for your Apple ID account to further protect yourself from online threats.
Copyright Notice:The article only represents the author's point of view, the copyright belongs to the original author, welcome to share this article, please keep the source for reprinting!