Third Party Keyboard Restriction

TypeMRT

macrumors 6502
Original poster
Sep 7, 2007
464
86
According to Apple's App Extension Programming Guide "When a user taps in a secure text input object, the system temporarily replaces your custom keyboard with the system keyboard"

That stinks. I was excited to hear that keyboards like Swype, Fleksy, and even 1Password could be installed. But now it sounds like they disappear and get replaced with the standard system keyboard whenever you try to enter a password or any text that shows up as dots. That's even worse in my opinion. I hope that changes before the final release.
 

ErikGrim

macrumors 601
Jun 20, 2003
4,461
3,036
Brisbane, Australia
According to Apple's App Extension Programming Guide "When a user taps in a secure text input object, the system temporarily replaces your custom keyboard with the system keyboard"

That stinks. I was excited to hear that keyboards like Swype, Fleksy, and even 1Password could be installed. But now it sounds like they disappear and get replaced with the standard system keyboard whenever you try to enter a password or any text that shows up as dots. That's even worse in my opinion. I hope that changes before the final release.
I believe they demonstrated in the keynote that you can explicitly allow third party keyboards access to secure fields?
 

KALLT

macrumors 603
Sep 23, 2008
5,070
3,086
I believe they demonstrated in the keynote that you can explicitly allow third party keyboards access to secure fields?
They didn’t say anything about secure fields though. I understood that this permission is only for external services for algorithms or predictive text.
 

Xeyad

macrumors 6502
Nov 19, 2012
341
288
You know what? I think that's great! It's installing 3rd-party keyboards, but with security. I don't want any 3rd-party keyboard taking a record of my password. Yes, Swype or Fleksy could be very trustworthy for many people, but I'm sure their security procedures aren't close to Apple's, and I don't know if their keyboards have some security flaws or not.

While you may know the consequences of using a 3rd-party keyboard, the millions and millions of iPhone users don't, but people have requested a lot for it. Apple has responded and enabled 3rd-party keyboards, but they don't want to put people's vulnerable information at risk.

I like how Apple cares somewhat about people's security, unlike some of its competitors. They're opening up iOS 8, but with a guard ;)
 

FourOhFour

macrumors member
Jul 28, 2011
51
1
You know what? I think that's great! It's installing 3rd-party keyboards, but with security. I don't want any 3rd-party keyboard taking a record of my password. Yes, Swype or Fleksy could be very trustworthy for many people, but I'm sure their security procedures aren't close to Apple's, and I don't know if their keyboards have some security flaws or not.
What if my third-party keyboard IS my password manager? Having LastPass or 1Password or whatever able to appear as a keyboard in other apps to type my password for me sounds great. Much better than having to switch to the password manager, copy the password to the clipboard, switch back, paste it, and then forget to copy something else so my password is in the clipboard for who knows how long.

Hopefully Apple allows this or provides some other mechanism for password managers.
 

diogolg

macrumors member
Jun 14, 2012
87
6
What if my third-party keyboard IS my password manager? Having LastPass or 1Password or whatever able to appear as a keyboard in other apps to type my password for me sounds great. Much better than having to switch to the password manager, copy the password to the clipboard, switch back, paste it, and then forget to copy something else so my password is in the clipboard for who knows how long.

Hopefully Apple allows this or provides some other mechanism for password managers.
I believe that password manager apps will use extensions to be able to complete your password and not develop a new keyboard to do that...
 

TypeMRT

macrumors 6502
Original poster
Sep 7, 2007
464
86
So I guess iOS isn't become more like Android, because that pesky little word "security".
I agree that Apple's security-first model has worked very well for its customers. This time I believe usability will suffer. For regular users, the sudden and/or unknown keyboard switching could look like a weird system glitch. The switch seems like it will happen even when you want to AutoFill passwords. AutoFill forms may not work either.

I'm confident that the default of no network access is secure enough for me to trust that no keystrokes go outside of the app. Having an app extension and two different keyboards sliding in and out just to enter a password is a complex and ugly solution.
 

charlituna

macrumors G3
Jun 11, 2008
9,631
815
Los Angeles, CA
Really folks. Apple is finally allowing keyboards etc and all you can do is gripe about how it isn't just like how you want it. Be happy you got something. They didn't have to do it. Give them some time to work out all the deets
 

jabingla2810

macrumors 68020
Oct 15, 2008
2,271
937
This may not be the most elegant solution, but it's a secure one.

People don't seem to realise that these custom keyboards, such as swype, need to see what you are typing.

Now, when it comes to my passwords for banking, I trust Apple, I don't trust 'Swype'.

...Not yet anyway.
 
Last edited:

The Phazer

macrumors 68030
Oct 31, 2007
2,798
346
London, UK
Really folks. Apple is finally allowing keyboards etc and all you can do is gripe about how it isn't just like how you want it. Be happy you got something. They didn't have to do it. Give them some time to work out all the deets
People wouldn't get anything if they didn't "gripe".

People complaining is the motivation for Apple to prioritise improvements.
 

sarcosis

macrumors 6502a
Apr 25, 2006
586
6
These United States
This may not be the most elegant solution, but it's a secure one.

People don't seem to realise that these custom keyboards, such as swype, need to see what you are typing.

Not, when it comes to my passwords for banking, I trust Apple, I don't trust 'Swype'.

...Not yet anyway.
I also find that when i'm typing my password on more "predictive" keybaords, i can never get it right, but the more type keyboards work better for me. This sounds ok for me and it keeps it a bit more secure, so i'm all in.
 

Armen

macrumors 604
Apr 30, 2013
7,375
2,249
Los Angeles
Predictive text box is good enough for me. I could care less about swype. Didn't use it on Android not going to use it now.
 

Stuntman06

macrumors 6502a
Sep 19, 2011
961
5
Metro Vancouver, B.C, Canada
I agree that Apple's security-first model has worked very well for its customers. This time I believe usability will suffer. For regular users, the sudden and/or unknown keyboard switching could look like a weird system glitch. The switch seems like it will happen even when you want to AutoFill passwords. AutoFill forms may not work either.

I'm confident that the default of no network access is secure enough for me to trust that no keystrokes go outside of the app. Having an app extension and two different keyboards sliding in and out just to enter a password is a complex and ugly solution.
I can see where Apple is coming from with this decision. It's a decision between security and convenience. I personally don't agree with this decision. If you are used to a third party keyboard for practically all of your typing, you may have difficulty when you have to type with the default keyboard once in a while. Password fields do not allow you to see what you typed to verify you typed it correctly. They may be complex combinations of letters of different cases, numbers and symbols. Also, you generally are only allowed a certain number of wrong attempts before you are locked out of an account. It's hard enough typing on a touch screen with familiar keyboard.
 

legioxi

macrumors 6502a
Mar 2, 2013
639
75
What if my third-party keyboard IS my password manager? Having LastPass or 1Password or whatever able to appear as a keyboard in other apps to type my password for me sounds great. Much better than having to switch to the password manager, copy the password to the clipboard, switch back, paste it, and then forget to copy something else so my password is in the clipboard for who knows how long.

Hopefully Apple allows this or provides some other mechanism for password managers.
App extensions + finger print reader = nice method for apps to integrate with 1Password. No need for a keyboard.
 

MDTyKe

macrumors regular
Jun 24, 2007
153
3
Hawaii, USA
If it's done right, the 'secure' fields could be filled by the keyboard (e.g. LastPass/1Passwd). But when you tap it yourself, the custom keyboard is disabled. That would allow the password field to be filled, but not for the keyboard to 'read' what I type in it.. no?
 

TypeMRT

macrumors 6502
Original poster
Sep 7, 2007
464
86
If it's done right, the 'secure' fields could be filled by the keyboard (e.g. LastPass/1Passwd). But when you tap it yourself, the custom keyboard is disabled. That would allow the password field to be filled, but not for the keyboard to 'read' what I type in it.. no?
That works if your password manager also has a custom keyboard. But if your custom keyboard doesn't handle passwords, then it gets replaced by the system keyboard.
 

Anonymous Freak

macrumors 603
Dec 12, 2002
5,223
570
Cascadia
You can bet that third-party keyboard developers will file multiple requests to remove that. Heck, if you're a developer testing iOS 8 now, make a keyboard, even if you don't plan on distributing it, just so you can file a bug report on it! :D
 

TypeMRT

macrumors 6502
Original poster
Sep 7, 2007
464
86
EXACTLY. I'm thinking about making my own keyboard because I don't want a new typing technique or password managing. I just want:
Dark translucent (system keyboard for spotlight searches)
Case-sensitive keys
Caps lock glow
Number row above the letters
 

afsnyder

macrumors 65816
Jan 7, 2014
1,270
33
According to Apple's App Extension Programming Guide "When a user taps in a secure text input object, the system temporarily replaces your custom keyboard with the system keyboard"

That stinks. I was excited to hear that keyboards like Swype, Fleksy, and even 1Password could be installed. But now it sounds like they disappear and get replaced with the standard system keyboard whenever you try to enter a password or any text that shows up as dots. That's even worse in my opinion. I hope that changes before the final release.
3rd party keyboards might be able to store your password input and upload it to a server. This is probably a security feature... I don't mind as long as you can use Touch ID to replace most passwords.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.