
Runs For Fun

macrumors 65816
Nov 6, 2017
1,138
2,601
Agreed - a common factor seems to be both users logging on to the same device in quick succession as part of setting it up, so I do wonder if the local keychain is being set up by the first user when they sign in to help set up the device and then when the long-term user signs on the local keychain with the other user's password now in is the default keychain so is then merged with the second user's keychain when they sign in.
This seems to be highly likely. People are probably forgetting they signed into their Apple ID on the device at some point even if it was temporarily.
 

BigMcGuire

Cancelled
Jan 10, 2012
9,832
14,029
I accept your point but that shouldn't lead to cross-contamination when two separate Apple IDs are used.
It shouldn't, but as a rule of thumb, before I let someone else (3rd party or family) use a device I've used, I've reset it completely. I never just sign out and let them sign in. I imagine not everyone does that.
 

Runs For Fun

macrumors 65816
Nov 6, 2017
1,138
2,601
I just never let someone else use my device. Far simpler that way.
This is the way. Phones are very personal with how much personal and sensitive information they hold. The thought of letting someone else use my phone makes me very uncomfortable.
 

JonaM

macrumors regular
Sep 26, 2017
178
193
I accept your point but that shouldn't lead to cross-contamination when two separate Apple IDs are used.
If you are using the same local user account then that behaviour is not necessarily incorrect, just needs to be made really clear.
 

JonaM

macrumors regular
Sep 26, 2017
178
193
I've done a bit of playing around on my Mac and if you do create a new account and then log in to an Apple ID and accept the default option of sync keychain then your iCloud keychain is used to sync down to the local keychain.
If you then log out of iCloud on that machine, but choose to keep a local copy of the iCloud keychain your passwords remain in that local account on the Mac.
If you then log in to another Apple ID in that local account you would then have a local keychain containing the first Apple ID's passwords, but now iCloud logged in to the second Apple ID, so you can now merge the keychains and end up with Apple ID 2 having access to their passwords and a copy of Apple ID 1's passwords.

There are messages about deleting or keeping data, but I can certainly see how you could unknowingly leave a copy of your keychain on a machine whilst helping set it up for someone.
 

Quackers

macrumors 68000
Sep 18, 2013
1,938
708
Manchester, UK
If you are using the same local user account then that behaviour is not necessarily incorrect, just needs to be made really clear.
We're not using the same local user account.
I've done a bit of playing around on my Mac and if you do create a new account and then log in to an Apple ID and accept the default option of sync keychain then your iCloud keychain is used to sync down to the local keychain.
If you then log out of iCloud on that machine, but choose to keep a local copy of the iCloud keychain your passwords remain in that local account on the Mac.
If you then log in to another Apple ID in that local account you would then have a local keychain containing the first Apple ID's passwords, but now iCloud logged in to the second Apple ID, so you can now merge the keychains and end up with Apple ID 2 having access to their passwords and a copy of Apple ID 1's passwords.

There are messages about deleting or keeping data, but I can certainly see how you could unknowingly leave a copy of your keychain on a machine whilst helping set it up for someone.
I suspect this is what I've done though how I've selected to leave the local data I've no idea. Obviously I know how I did it but not why :) I should have known better.
It's the only thing that can have happened, I think.
Having said that how on earth do I unravel it? If I delete her passwords from my devices won't that delete them from her devices? And vice versa. Maybe not because they are from her Apple ID?
And all this on 3 devices each :eek:
I haven't tested that yet.

Thanks for your experimentation :)
 

JonaM

macrumors regular
Sep 26, 2017
178
193
We're not using the same local user account.

I suspect this is what I've done though how I've selected to leave the local data I've no idea. Obviously I know how I did it but not why :) I should have known better.
It's the only thing that can have happened, I think.
Having said that how on earth do I unravel it? If I delete her passwords from my devices won't that delete them from her devices? And vice versa. Maybe not because they are from her Apple ID?
And all this on 3 devices each :eek:
I haven't tested that yet.

Thanks for your experimentation :)
In terms of unravelling it you should be safe to delete her passwords from your keychain as she should be using her own keychain (just one that got your passwords copied in to it at some point). You can try deleting (or creating) one on your Apple ID/device and checking that it doesn't update on her Apple ID/device; just be absolutely confident you're not sharing the same iCloud keychain before you clear the lot!
 

Quackers

macrumors 68000
Sep 18, 2013
1,938
708
Manchester, UK
In terms of unravelling it you should be safe to delete her passwords from your keychain as she should be using her own keychain (just one that got your passwords copied in to it at some point). You can try deleting (or creating) one on your Apple ID/device and checking that it doesn't update on her Apple ID/device; just be absolutely confident you're not sharing the same iCloud keychain before you clear the lot!
Thanks. I'll test with one or two deletions first and see if they affect her.
I see no reason why we'd be using the same keychain but how do I make sure? My brain's gone foggy :)
 

960design

macrumors 68040
Apr 17, 2012
3,710
1,578
Destin, FL
Thanks. I'll test with one or two deletions first and see if they affect her.
I see no reason why we'd be using the same keychain but how do I make sure? My brain's gone foggy :)
Let me know how it goes.
I'm traveling and cannot duplicate the merged keychain in the office right now (until Jan 4ish 2022!).
Following this thread with great interest.
 

collin_

macrumors 6502a
Nov 19, 2018
582
887
I’m pretty sure that this entirely hinges on what you mean by “log into my gmail.” There is an entire spectrum of ways you can do that on an iPhone. Off the top of my head, the most invasive and comprehensive way (assuming each person has their own iCloud account like you said) would be adding the account to Accounts and syncing everything (including Notes, Contacts and whatnot). The least invasive way I can think of would be logging into Gmail in a private Safari tab and then closing it afterwards.

Basically, there are some ways of logging into Gmail (or, more precisely, your Google account) that will deeply imbed your entire Google account into the iOS device. I don’t fully understand it, but can tell when it’s happened because you’ll be automatically logged in (or at least able to choose an already-present Google account) when downloading a new Google-owned app. Do not log in to your Google Account on any Google-owned app such as Gmail, Google Drive, Google Maps, Google Calendar, Google Smart Lock, etc. (on a shared device… if you care about your privacy). I have found that doing so always causes this to happen.

I’m like 80% sure that signing into Gmail via gmail(.)com on a Safari private tab would not add your entire Google account to the device like that. You may have to sign in each time, but it wouldn’t be that inconvenient if you’re using a password manager (especially one with FaceID unlock enabled). There might be more convenient ways to pull it off, too. Other browsers such as Firefox may let you log in to Gmail in non-private windows without adding your Google account to the device.

Btw, idk what you’re currently doing OP but to anyone reading this I highly recommend just using Apple’s Mail App instead of the Gmail App if you have a Gmail or Google Workspace account. iOS 15 added excellent new mail privacy features, whereas the Gmail app is bound to be a privacy nightmare. I have 2 separate paid Google Workspace accounts that use custom domains, and then regular Gmail accounts on top of that, and I’ve been using solely the Apple Mail app on my iPhone for years with no issues. Maybe I’m missing something but I just don’t see any reason to use Gmail instead of Mail.

The only problem I have with the Mail app is that, even in iOS 15, it still does not give you any sort of indication that an email address is spoofed if you receive a spoofed email. Gmail (at least on the web) will detect spoofing (which is incredibly easy) and give you some sort of yellow warning like “Be careful with this message.”
 

Muscovite

macrumors member
Original poster
Apr 19, 2020
57
37
So, in the end -

1. Apple never called back. Just never did.
2. I went into “Passwords” on my wife’s phone and had to delete all of MY logins one by one, then did the same on my son’s.
Hasn’t happened ever since, must say.

PS I didn’t use Google’s password sync whatever, was a Safari user exclusively. And, again, when I was looking at the saved login/passwords on her phone, it was everything, Google logins and everything else. So it’s not Google.
 

JonaM

macrumors regular
Sep 26, 2017
178
193
How did you fix, please?
Is it just deleting each password (of others) one by one from each person's any one device?
Yes - delete the passwords from a device logged in to the account that you don’t want them on. That will delete them from that keychain.
You should then obviously change the passwords affected to keep the details secure going forward.
 

Tricericops

macrumors newbie
May 22, 2009
5
2
I had this issue just happen to me in March, 2023. I bought my wife an iPhone 13 from the Apple Store and used some gift cards that were on my Apple account to pay for the iPhone. I think this may be key because somehow, immediately after, on my iPhone 12, I got the message bar in the settings app "Get Ready for your New iPhone" so Apple had already linked the phone to my account from the time of purchase. I never logged into or used the phone at all with my own Apple ID. My wife and I were already set up as iCloud family members. Both phones are running iOS 16.

As soon as she set up the brand new iPhone 13 and logged in using her Apple ID, she started to log into apps and noticed my login credentials suggested through keychain. When checking her saved passwords, all of her previously saved passwords were there as well as all of mine. They had completely merged. I, unfortunately, did not get any of her passwords on my keychain.

After researching as much as I could I proceeded like Muscovite details above by deleting my passwords one by one from her keychain. All, again, seems good in the world.
 

hwojtek

macrumors 68020
Jan 26, 2008
2,274
1,276
Poznan, Poland
I bought my wife an iPhone 13 from the Apple Store and used some gift cards that were on my Apple account to pay for the iPhone. I think this may be key because somehow, immediately after, on my iPhone 12, I got the message bar in the settings app "Get Ready for your New iPhone" so Apple had already linked the phone to my account from the time of purchase.
Not the reason. This is just marketing automation. The phone could've been given to anyone and would not have any issues, unless...
My wife and I were already set up as iCloud family members.
The reason.
 

JonaM

macrumors regular
Sep 26, 2017
178
193
Being a member of iCloud family doesn't result in keychains being shared.

I think you are correct with thinking that Apple linked the device to your account when you bought it on your account. However, this still shouldn't have resulted in your keychain being delivered to the device with no further intervention.
Do you and your wife both use the same device unlock codes, or does she know yours to enter it?
Your keychain is encrypted with your device passcode so it should have needed to be entered on the new device to unlock it.

So I am wondering if Apple 'helpfully' linked the new device to your account, which made it possible to sync the keychain and then your device passcode was entered, which then made it accessible on the new device.
 

thosmatthews

macrumors member
Apr 20, 2021
90
244
I’ve just noticed this recently too. A load of my partner’s password suggestions for various websites started appearing. So I took a look at my keychain. It looks like all of them. The ONLY device we’ve shared is that I gave her my old Watch S4 (totally wiped/reset/disassociated), which she gave me back last month when getting an S8. I set it back up for me and had a weird situation where the watch was ‘mine’ but only accepted her old passcode, not the new one I entered. I reset again and seemed fine.

Now passwords are shared. We do have family sharing but have since 2020.

It does seem to be a family sharing / device issue.

I also noticed a (new?) feature in settings > passwords called ‘family passwords’. I wondered whether this had something to do with it initially but can’t see anything populated or crossed over in there.

Anyway. Really annoying and really stupid.
 

Kyriakosss4

macrumors regular
Sep 16, 2021
191
165
It’s likely a setting or his wife or someone is sharing or logging in because this whole thing has some major trust issues screaming out. Or it’s a troll.
Hmm I guess you are right. It’s definitely something 😆
 

JonaM

macrumors regular
Sep 26, 2017
178
193
I’ve just noticed this recently too. A load of my partner’s password suggestions for various websites started appearing. So I took a look at my keychain. It looks like all of them. The ONLY device we’ve shared is that I gave her my old Watch S4 (totally wiped/reset/disassociated), which she gave me back last month when getting an S8. I set it back up for me and had a weird situation where the watch was ‘mine’ but only accepted her old passcode, not the new one I entered. I reset again and seemed fine.

Now passwords are shared. We do have family sharing but have since 2020.

It does seem to be a family sharing / device issue.

I also noticed a (new?) feature in settings > passwords called ‘family passwords’. I wondered whether this had something to do with it initially but can’t see anything populated or crossed over in there.

Anyway. Really annoying and really stupid.
'Family Passwords' is a relatively new feature to allow you to purposely share specific passwords with members of your family, but you do have to explicitly choose and share each keychain entry.
As mentioned keychains are encrypted so they cannot be read except by a device on your Apple ID and after entering the passcode of the device that encrypted it.
By the sounds of your description their passcode was entered onto the watch after it was attached to your account, which indicates that it wasn't fully reset at that point and entering that passcode decrypted their keychain and allowed it to merge with yours.

However, that definitely is unwanted and incorrect behaviour as you'd not expect that to be the result so I would report it to AppleCare as it sounds like you've found an edge case that fulfils the security requirements for sharing keys, but not the user permission.
 