They mentioned Google Authenticator because they're the one most people are familiar with - but it's all based on a standard - RFC 6238. You've never really had to use Google's tool for this.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iOS 15 Includes Built-In Password Authenticator With Autofill, Replacing Google Authenticator and Authy
- Thread starter MacRumors
- Start date
- Sort by reaction score
I still wish it was a standalone app as I don’t use safari for everything, and I’m not always using a Mac. Would be great if iCloud captures this though as I seem to lose the codes when transferring phones.
Then don't. I make sure always to stay as platform independents as usual. I have iPhone and iPad Pro but I still use Bitwarden, Joplin, Authy, Dropbox, Signal, etc. Changing between iOS and Android takes 20 minutes and I'm all set, either direction. These also makes it easier to use e.g. a PC vs. a Mac since iCloud Notes/etc. are horrible on the PC.
I like that bit of potential freedom even if I'm enjoying my Apple devices...
2FA support within iOS is great. Only reason I can’t use it is that if I disable iCloud Keychain on all devices accidentally, I will lose all passwords.
Apple finally getting around to putting out something they should have done 7 or 8 years ago. Better late than never seems to be the theme of Tim Cook’s reign. It’s sad that I get delighted nowadays when I see things being introduced by Apple that should have existed for years already.
I just set this up for several of my accounts and it’s great. No more swiping out to open Authy, then copy/pasting the code. Now I get a FaceID pop up and the code automatically loads into the request field on the given site.
Now do it on your work computer not attached to your iCloud.
No really. How easy is it to get codes to type into a system that not connected to keychain? Can you pull up the codes on an Apple Watch?
I'm not sure what you mean here. It's still a separate 2FA passcode, but it doubles up the security by eliminating the SMS vulnerability (porting for access, spoofing). I haven't seen the implementation yet, but I assume they'll be using the same TOTP (time-based one-time passcode) algorithm and a Face ID/Touch ID/PIN request to auto-fill.
If they're doing what I believe they're doing, this is awesome and something I have long been wanting.
No? And where do you think your keychain is, or how it syncs between iPhone,iPad,Mac?
It surely is...
Confirmed the question I just had. Perfect implementation then!
If you use 1Password only for 2 factor auth, then yes. Most people probably don't even know it can do that so I'm going to guess it's not going to be impacted at all.
I can’t help you there. My personal computer isn’t used at work and I don’t have a Mac at work.
Thats because Apple backup method sucks.
You have no access to ~/ like on the macOS, and you can't selectively restore directories and files nor access configs and mod them.
Relying on a single limited device without having a decent backups was the key issue in your case.
It's also available on macOS, iOS and iPadOS.
On Macs, you don't have to use Safari for the codes. It's also under System Preferences > Passwords. I believe it will be synced with iCloud Keychain.
Yes, but it's end-to-end encryption. The poster could have meant that the plaintext passwords never hit the iCloud. Or I could just be giving them a free way to wiggle out of an argument.
The meat of end-to-end encryption is that, "the messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves."
But this topic landed me on this page (Apple Support: iCloud security overview) which was very clarifying for me. 128-bit AES encryption is indeed "industry standard", but it can be decrypted. Unless end-to-end encrypted, the private keys would need to be stored on Apple's servers because the same key used to encrypt is the key used to decrypt.
What I'm not really sure about is why law enforcement seems to have readily available access to iCloud Backups but not Messages. That article seems to imply that they would have access to stored messages, but it may be that end-to-end encryption also plays a role in Messages too. If not, hopefully that is introduced here at WWDC. Still reviewing updates! Lots of posts today!
Won't really affect you if you already have a 2FA/password manager that you really like. For some of us who only own Apple devices, it will be convenient as it is integrated into the system.
Then just go on your iPhone and under the Password in Settings, just like pressing Authy or whatever else on your phone to log onto something else.
I think it is a great feature. By Apple offering this, it will get more people using 2FA. Too many accounts are left unsecure, even on a forum such as this you have seasoned Apple users playing the odds.
The big thing here is this makes it easy for new/non techy users to add MFA with something built in. No one is saying you have to get away from your existing MFA app(s).
Will there be an option to have 2FA codes appearing on Apple Watch as well?
