Apple Passwords Can Now Automatically Fix Weak and Compromised Passwords With Agentic AI

[MacRumors]

Apple today announced that the Passwords app can now automatically update weak and compromised passwords using Apple Intelligence and Safari to take action on a user's behalf.

The feature builds on Passwords' existing ability to flag weak or compromised credentials. While the app has long been able to alert users to security issues, acting on those alerts required manually visiting each site and changing passwords individually. The new capability removes that friction by automating the process end-to-end in the background.

Apple describes the system as agentic, with Apple Intelligence and Safari securely navigating through websites, signing in, and upgrading accounts to strong passwords without the user needing to intervene beyond an initial tap. The feature displays as a Live Activity when active.

Article Link: Apple Passwords Can Now Automatically Fix Weak and Compromised Passwords With Agentic AI

 

[nathan_reilly]

dang, freaky that someone could just go through and agentically change all my passwords for me whether I want it or not!!!

 

[Jaro65]

I'm sorry, Dave, I'm afraid I can't let you log back into that site.

 

[iMatt.]

This is an actually incredible feature

 

[chfilm]

yeah I gasped when I saw this, really cool!

 

[Aluminum213]

What could possibly go wrong?

 

[211]

Doesn’t work for me. 3 accounts found, couldn’t log in by itself

 

[spazzcat]

What could possibly go wrong?

You need to manually reset a password...

 

[stiligFox]

This is super cool - I have some sixty passwords that need updating!

 

[AFPoster]

This is a terrible feature. If you read through this you're giving Apple full access to your Password library with the ability to grant access to 1Password, mSecure and others. This means Apple will see, know and can use your account information to log into other sites to validate access upon changing passwords to ensure their changes worked. What is stopping them from doing something beyond a password change? That part isn't documented.

 

[Killerbob]

I have literally been waiting fo this for over 10 years...

 

[trifid]

Extremely cool but will probably only work with only 3% of your accounts.

 

[bluecoast]

This is an actually incredible feature

It’s simultaneously incredible and freaky. I guess that sums up agentic ai.

 

[N0ughtsAndCr0sses]

This is an actually incredible feature

It is.. now it’s just BS

I do have one password that needs redoing. Not automatically changing 😂😂🤌🏻🤌🏻

 

[Ralfi]

dang, freaky that someone could just go through and agentically change all my passwords for me whether I want it or not!!!

The way I read it, you need to manually trigger (want) it?

 

[Siliconguy]

Not useful unless it can communicate with Firefox on the Linux box.

 

[Blackstick]

I'm sure 95% of the sites won't cooperate. "Prove you're not AI, which one of these pictures has a stop sign in it!" norobots.txt 😉

 

[JustSomeInfo]

I'm scared, hold me.

 

[icymountain]

For a start, if Safari could correctly use the right password for each website without filling the wrong one, that would be good. It happens with maybe "only" 5% of my accounts but that is already quite frustrating. If it starts changing passwords on its own before that is fixed, it is pretty clear that tapping on the cursed button will make me unable to log on somewhere sooner or later.

Also, it also complains for reused passwords, but fails to understand that the reason why some passwords need to get shared across several websites is that there is just one account behind them. I see no way to silence such spurious warnings.

Fixing such existing usability issues would seem much more important than having some agentic AI do "something", just because it can.

 

[zilchfox]

I'm sure 95% of the sites won't cooperate. "Prove you're not AI, which one of these pictures has a stop sign in it!" norobots.txt 😉

Pretty sure AI can easily defeat these things.

 

[Morgenland]

This is a terrible feature. If you read through this you're giving Apple full access to your Password library with the ability to grant access to 1Password, mSecure and others. This means Apple will see, know and can use your account information to log into other sites to validate access upon changing passwords to ensure their changes worked. What is stopping them from doing something beyond a password change? That part isn't documented.

I doubt Apple even notices, but then you're stuck with those crazy-long auto-fill passwords, and try entering one of those on your work PC without losing your mind. btw: I just recently found out that 1Password runs on Chromium.

 

[hoon2999]

Do not use cloud LLM that can read my passwords during its task. A big no-no.

 

[Blackstick]

Do not use cloud LLM that can read my passwords during its task. A big no-no.

Phew, my security engineers were only giving it the client secret. We're good!

 

[harveyhanson]

Just ran this, works really well for a beta - 10 out of 15 passwords with issues were updated. The ones that failed for me were:
- Delta
- Ticketmaster
- Xfinity
- Zillow

 

[serpico007]

Oh wow, what a cool way to get locked out of your own accounts by trusting AI to do this "simple" task.