Why do people feel the need to push what they use? So what it’s free, I used it and I didn’t like it. It didn’t have what I wanted, it’s not as smooth, and the family version isn’t as good.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple to Launch Standalone 'Passwords' App in iOS 18 and macOS 15
- Thread starter MacRumors
- Start date
- Sort by reaction score
Well, I just renewed my 3rd party subscription for another year, so I'll have time to see how the Apple one works out.
Nice! Thank you! I dropped 1Password when they went subscription. This will be very helpful
Given that even at least one of the big non OEM p/w managers has had serious security issues, at least once, I’m always surprised that folks are so willing to use free p/w managers.
I specifically have used the keychain on Mac since it was available and on iOS for the last decade. I’m willing to trade a few peripheral features for integration and development resources that comes with it. If Apple has a breach, it’s going to get a lot of attention compared to the rinky dinks.
The last couple adds of authenticator and a notes section were big for me as they allowed me to retire SMS 2FA on many sites (and remove my phone number) and to move all the site related info, assigned HME e/m address, acct nrs, PINS, Codes, Recovery Keys, what bio info (phone, address, DOB, etc.) is stored on site.
Basically straggler info that had been in contacts, notes, etc from the time before passwords could hold it, could be consolidated into the notes section of passwords.
To be honest I most enjoy the security feature enhancements info from wwdc.
I hope at some point Safari Autofill, esp credit cards, and HME email addresses are migrated to be stored in passwords. I prepared an unsolicited proposal suggesting this when HME and passwords last big adds appeared, since there is so much overlap of information among these.
Just dont celebrate in advance 
perhaps they will put it in bag with Apple one service subscription
perhaps they will put it in bag with Apple one service subscription
You both miss the core of Apple’s business model.
It is to provide the most popular features in an easy to use and well integrated way for the majority of users without special demands.
It’s the democratization of bang for buck.
I'm not pushing anything. You were complaining about paying for a password manager subscription, so I was trying to be helpful and suggest a very good open source free one.
Sounds like you are just looking for aggro? Weird.
Yes, Apple has been abandoning its password management system for the last decade by expanding it across the ecosystem, to outside platforms, adding features and deeper integration and now prominence outside of settings. A true death trajectory.
If I can autofill passwords on Chrome with it then I might end up having to say goodbye to 1Password then
Awesome! I bought 1Password 7 (the one before they switched to highway-robbery subscriptions). I won't be surprised if it stops working with IOS 18...so this will come at the perfect time.
Why are you still using LastPass when they have been hacked multiple times and have lied about it numerous times?
Apple Cloud Keychain for the Apple EcoSystem
Bitwarden for everything outside the Apple EcoSystem
only issue I have is, Apple Cloud Keychain PassKeys dont port into BitWarden ... I believe this issue is on Apples side (not exporting PassKeys)
Once it becomes an App, it is subject to Apple App management policies. We've all seen Apple put in lots of work, throw the work at the wall, then step back and abandon it. With Apple only time tells.
Several years ago, I downloaded and installed the video transcoder app Handbrake from its official web site. I ran it, it asked me for my admin password so it could install some codecs, I typed that in ... and then, secretly, it collected my Keychain files and my 1Password files and sent them - along with my admin password - to some random site out there.
Later that day there were news stories about the Handbrake site having been hacked, and the app download having been replaced by a trojan. The hackers were collecting these files from people, using the admin password to decrypt Keychain, looking for the 1Password key in there (from people who use Touch ID to unlock it) to decrypt 1Password, and then looking for cybercurrency web site logins and stealing their funds.
I was only safe because I don't use shortcuts to unlock 1Password; I make it always require me to type in my 1Password key. So there was nothing stored in Keychain that would have decrypted my 1Password vault. (Still, I changed all my passwords after this.)
The moral of the story is: I would be suspicious of a password manager that gets unlocked with the same credentials I use to unlock my Mac or iPhone - or, that even gets unlocked automatically when I unlock my device. There needs to be a separate password for my password manager, and there needs to be a way to require me to enter it manually. I wouldn't use Apple's password manager unless it has this.
Later that day there were news stories about the Handbrake site having been hacked, and the app download having been replaced by a trojan. The hackers were collecting these files from people, using the admin password to decrypt Keychain, looking for the 1Password key in there (from people who use Touch ID to unlock it) to decrypt 1Password, and then looking for cybercurrency web site logins and stealing their funds.
I was only safe because I don't use shortcuts to unlock 1Password; I make it always require me to type in my 1Password key. So there was nothing stored in Keychain that would have decrypted my 1Password vault. (Still, I changed all my passwords after this.)
The moral of the story is: I would be suspicious of a password manager that gets unlocked with the same credentials I use to unlock my Mac or iPhone - or, that even gets unlocked automatically when I unlock my device. There needs to be a separate password for my password manager, and there needs to be a way to require me to enter it manually. I wouldn't use Apple's password manager unless it has this.
Why is everyone so sure this will be free?
I could very much see this new offering being part of an Apple subscription bundle
I could very much see this new offering being part of an Apple subscription bundle
I have zero issues with free software (to a point). The Linux and FOSS community thrives on it. For password managers, as long as they are audited and have great documentation, I’ll use them.
Here is my issue with Apple Keychain and now their password app. Someone tried to get into my oldest daughter’s iCloud account. They didn’t get in, but Apple locked her account for security reasons and it took 4 days for her to prove it’s her, and to get in.
Her Apple stuff was useless at this time. When she unlocked her iPhone, she get getting pop ups and couldn’t use it. She had to use an old iPhone and just made a new Apple ID to use temporary. She downloaded her 3rd party password manager, logged in, and she was back in business under a different Apple ID.
If she didn’t use a 3rd party password manager, she would have been screwed. 4 days without accessing your password and your accounts can be very bad, especially if you needed to pay stuff.
That wasn’t me you originally replied to. I’m just saying people do this. I honestly don’t care what people use, as long as they use a password manager. Not once have I said “you should use… password manager”, because most people don’t care.
Last edited:
Yes thru the passwords UI on macOS and iOS.
Wherever it’s been suggested to use Authy or Google authenticator I’ve used the apple authenticator without problems.
Also on sites where authenticator 2FA is not available, Apple’s integrating PIN by email (and doing it via an HME address singularity assigned to one site) has allowed me to move most PIN receipt off PIN via SMS, so in preferential order:
- authenticator
- PIN via email to HME
- PIN via SMS
- no 2FA
I was using Sign in with Apple but so few sites offered it and I didn’t really like the additional balkanization it caused, so I reverted those accounts to 2FA password once Apple introduced their authenticator.
Im still not using passkeys as I want to see how it develops. I expect that it’s safer and easier to use but don’t think I have any immediate need to move from the current setup.
Yes, you're right it wasn't you on the original reply. However, I was not pushing anything, nor can I understand how you thought I was? I was simply suggesting a very popular open source free option as the person was not happy with having to pay for a password subscription service.
Everyone's reacting like this will be a free value-added service Apple will be providing, but I'm not reading anything that says it will be. I certainly hope it will be and good enough for me to replace 1Password (still using 1P7 on a one-time paid license and refuse to do a sub), but it's no secret that Apple is constantly looking for more revenue avenues. Other services like Apple Music, TV, News, etc are all subscription based, with some free content. I guarantee you that if it is cross-platform, then a sub will be required. There is simply no incentive for them to do this and make it free for the whole world outside their customer base.
it is another way to keep you locked into the eco system after having all of your passwords saved to their new password program....