If that picture is real, you should consider a password manager or find a good generator.It isn't replacing Keychain as of now. Keychain is still there. View attachment 1789809
Haha! It is real. Those are pretty much passwords I have saved from my family members and they aren't good at passwords. My passwords are all generated with the exception of my iCloud and local Mac account. Good catch though. Thanks for looking out.If that picture is real, you should consider a password manager or find a good generator.
From what I can tell, the passwords in Safari and the ones in System Preferences are the same ones. I would hope the Safari password area is fazed out.So what exactly is the difference now between:
1. Passwords in Safari
2. Passwords in System Preferences
3. Passwords in Keychain Acces?
This is getting confusing.
I have had that same issue. Doesn’t look like it has been vastly improved in that way at this time. Hopefully soon ??Just out of curiosity, is it any better at detecting when you use the same credentials for different sites, and not call it reused passwords? As an example, I use one account over all the Wikipedia sites, like wikidata.org, wikimedia.org and so on. But they get flagged as reused passwords in password settings.
In Big Sur at least, the passwords presented by Keychain Access is the entirety of your iCloud (or local) Keychain - i.e. all passwords, secure notes etc.So what exactly is the difference now between:
1. Passwords in Safari
2. Passwords in System Preferences
3. Passwords in Keychain Acces?
This is getting confusing.
There's a whole "thing" to solve this type of issues:Just out of curiosity, is it any better at detecting when you use the same credentials for different sites, and not call it reused passwords? As an example, I use one account over all the Wikipedia sites, like wikidata.org, wikimedia.org and so on. But they get flagged as reused passwords in password settings.
Hmm, interesting. I noticed the example I mentioned, Wikipedia, is on that list, yet still nagging me about it. I removed the surplus ones and re-added them by logging in and now it's not nagging, so yay for that.There's a whole "thing" to solve this type of issues:
password-manager-resources/quirks/websites-with-shared-credential-backends.json at main · apple/password-manager-resources
A place for creators and users of password managers to collaborate on resources to make password management better. - apple/password-manager-resourcesgithub.com
Hmm, interesting. I noticed the example I mentioned, Wikipedia, is on that list, yet still nagging me about it. I removed the surplus ones and re-added them by logging in and now it's not nagging, so yay for that.
I'm not that familiar with Github projects, but if I have cases, not on this list, is there a way to contribute?
I gave it a try and did the two cases I had left. Do you know how long after code is merged, the change is noticeable in Safari? Does it require a new release of Safari?It's possible that it marks them somehow differently with that logic being used at the time they're added, rather than just retroactively to existing entries. It's meant to be a data set for implementors to use as they see fit, it doesn't really describe any implementation details.
As for contributing, yes, you can: https://github.com/apple/password-manager-resources/blob/main/CONTRIBUTING.md
The most basic way is to just file an issue, but it is also possible to propose actual specific changes to the rules. However, that is definitely more in-depth, so if you're not familiar with things like JSON, and ideally Git, I'd recommend sticking to filing issues initially.
No clue how it gets used sorry. It almost certainly needs an updated release, I’d be very surprised if that list is queried dynamically.I gave it a try and did the two cases I had left. Do you know how long after code is merged, the change is noticeable in Safari? Does it require a new release of Safari?