It seems as if we read about data leaks and security issues in the news almost daily. I’ve written in the past (here) about how important strong, unique passwords are to staying safe and secure online. It’s difficult to keep track of which companies have had issues and if we have accounts there. Luckily, there is an easy way to know if our accounts are at risk and to make changes to improve our security.
The password list on your iPhone, iPad, and Mac provides Security Recommendations to help ensure your passwords and accounts are safe. This feature not only makes suggestions for strong and unique passwords, it also alerts you to passwords that may have been involved in a data leak.
Check Your Passwords
If you followed the advice in my earlier Managing Passwords post and have been storing your passwords in the Keychain, these features are automatically working for you.
Go to Settings, and then tap Passwords:
Your device will ask you to authenticate, either by using your passcode, or with Touch ID or Face ID. You’ll then be taken to your password list.
If there are issues that need to be addressed with any of your passwords, you’ll see a section called Security Recommendations. Tap on that to see the specifics:
At the top of the list is Detect Compromised Passwords. This monitors known data leaks and checks if any of your passwords are part of one. It does this securely without ever sending any of your account information or passwords to Apple or anyone else. I suggest you turn (or leave) this feature on.
Next is a section called High Priority that lists issues you should address right away. Tap on each suggestion to see more information about the issue, and to see a link to change the password. For example, a password that was involved in a data leak will display something similar to this:
Tap Change Password on Website to automatically jump to the web site in order to change your password. You maybe have to find the area on the site that manages your account. Your device will suggest a strong, unique password. Once you change the password, your device will automatically update it in the password list.
You will also see warnings for passwords that are very common or easily guessed. In order to protect your account, passwords need to be complex and not use simple words, numbers, or phrases. Again, tap Change Password on Website to jump to the site and let your device create a new, strong password for your account:
Every account should have a unique password. If you use the same password at multiple sites, and that password is involved in a leak, then it’s easy for others log into all your accounts that share that password. When each account has its own password, a leak will only put that one account at risk.
The recommendations list shows you sites that share a password. For each of these, tap Change Password on Website to jump to the site and let your device create a strong, unique password for each one.
Your device will alert you if one of your passwords is involved in a new data leak. Even so, I recommend checking the Security Recommendations list regularly to help make sure you don’t inadvertently reuse passwords or create new ones that are weak.
I hope this post helps you continue to practice good online account security and to stay safe online. As always, if something isn’t clear or you have questions, leave a comment below and I’ll try to help.