iOS 15 Includes Built-In Password Authenticator With Autofill, Replacing Google Authenticator and Authy

[AJACs3]

It's convenient, but undermines security. 2FA codes really shouldn't be stored together with your passwords. 1password has the same feature, but I think even they admit it isn't as secure as using a completely separate authenticator.

I’ve always read the key to 2FA is that it is comprised of
1. Something you have (something running the 1Password app)
2. Something you know (the main password to get into 1Password)

so while those two rules are abstracted up/out into the singular point of failure of 1Password being compromised, unless that happens, everything else you log into can have ridiculously long non-shared passwords whether they have 2FA or not, with the added benefit of you only having one basket of eggs to guard.

 

[I7guy]

WOW, how anticompetitive!!!
Just another example of Embrace, Extend, and Extinguish...

What an uninformed post.

 

[dr_white]

Hoping somebody can help me here before I go and switch all my Google Authenticator codes over to iOS 15...

Does iOS 15 automatically enter the 2FA code, or do I need to go into Settings > Passwords > Find the service > Then copy the code > Then go back to the app and paste it in?

Really hoping Apple have made this seamless, but I don't want to test it myself due to fear of being locked out of important services if I turn off Google Authenticator.

 

[Haribokart]

It is automatic and almost instant.

 

[Fatyank]

I’m new to 2FA apps so I’m trying to decide if I need a separate one or use the one in IOS15. Does the IOS15 2FA perform the same function as Microsoft Authenticator? I’ve not set anything up yet, as far as 2FA app and don’t want to repeat the process. I have several sites that already require 2FA so will this Authenticator replace the “sending me a text with Authenticator code” process? Does this cover apps as well as websites? Thanks in advance

 

[LV426]

[deleted]

 

[fredrickhstn]

Nope, if you don’t want people to see your photos, you’ll have to continue not giving folks your unlocked phone

Set up a Lock Screen shortcut

 

[s.r.]

This feature is also available on Safari 15(macOS Catalina 10.15.7).

However, the AutoFill option is going to take some time to implement since the website developers have to add the annotation attribute "autocomplete" to the OTP input field. It's a 5-second matter. But not many are aware of it and only will happen if users let them know. So, send a feature request or support email to your favourite website or app and let them know you want it to be implemented.

You can send them this link to learn more https://developer.apple.com/videos/play/wwdc2021/10105/

 

[nCode]

Tho I like the idea of integrated 2fa, I think it’s foolish to put everything in one basket, just for convenience.

 

[- rob -]

It is a miss that Apple didn't release a stand-alone app that can replace Google Authenticator and ease people toward embedding it so deeply in the keychain password autocomplete behavior.

 

[0924487]

But still no password protection for Hidden Photos, huh

Why do they need to be hidden....?

If it's hidden then whoever gave you that technology may be liable for it's content.