Apple calls it Password monitoring and alerts are triggered under the form of Security Recommendations.
It’s an automated system that allows Safari to regularly check derivations of your passkeys and match them with a list of compromised passwords.
Safari uses advanced cryptographic techniques to detect vulnerabilities.
The scanning is done in a secure and private way. Your password info isn’t revealed to anyone not even to Apple’s servers.
If it finds a match it will flag your password and suggest you to change it with a new strong automatically generated password.
How To Find Compromised Passwords
1. Open the Settings app on your iPhone or iPad.
2. Scroll for Passwords and authenticate with Face ID, Touch ID or iPhone passcode depending on what iOS / iPadOS device you’re using.
3. Tap on Security Recommendations, available in the upper part of the Passwords home screen.
Tip: Next to the label you have the number of exposed passwords as well as the risk level. If your iPhone displays ‘Urgent security risks’ you should change your passwords as soon as possible.
How To Fix Compromised Passwords
4. Tap on an entry from the compromised passwords list. Website name is displayed at the top of each entry.
5. Review the password and the Security Recommendation and tap on ‘Change Password on Website’ option.
6. Safari opens up the website in question. Use your log-in credentials and browse to the account settings.
7. Change your password and create a new strong one with the help of the KeyChain feature.
Compromised Passwords Video Tutorial
Watch this video guide to better understand the iOS 14 Security Recommendations feature:
Password Risk Levels In iOS 14
The iPhone password monitoring system lists vulnerable passkeys in two categories: High Priority and Other Recommendations.
A. High Priority
Tackle the high priority alerts first, because they either highlight passwords that are compromised because they appeared in a data breach or they are too simple and can be easily guessed by an attacker.
B. Other Recommendations
Includes a list with passwords that also have to be changed because they come with serious security vulnerabilities like:
– Common Passwords: the Safari cryptographic analysis has concluded that other accounts are using the exact same passkey, thus making the string vulnerable and easy to guess.
– Common Words: passwords that include common words are easier to guess, even if they aren’t an exact match with other analyzed passwords.
– Reused Passwords: If you use the same string for more than one account you increase the risk of getting your accounts compromised.
How do you find this new iCloud Keychain Password Security Recommendations feature? Let us know in the comments section available below.
Related: iOS 14 and iPadOS 14 bring lots of new features to the iPhone and iPad. You can check a detailed list here.