The new Apple Passwords app

@MKBHD Sounds nice, but having an LLM change my passwords feels…. unsafe

@MacRumors On one hand it’s automatic and nobody has to do anything. Awesome win.

On the other hand, now it’s guaranteed that nobody will ever know their passwords.

@MKBHD Will never be able to move to Apple Passwords app as long as I can't use it on other platforms. Because even though I'm deep in the Apple ecosystem, I still use Windows and other non-Apple devices at times. As with a lot of Apple apps, this is their Achilles heel.

@MKBHD I wonder how they are implementing this as it sounds like they will even have to go into your emails to check the password reset link

@AdityaKMehrotra @MKBHD It actually probably doesn't see the password at all. It likely just finds the way to the password reset flow, calls a tool to generate a password and puts it in the right... oh wait

Apple Passwords is great if you already use iPhone Mac and iCloud because it keeps passwords passkeys 2FA codes and Wi Fi logins in one simple place.

For personal use it is enough but for a company or team I would still choose 1Password or Bitwarden because they give better control over shared access.

@MKBHD sounds neat on the surface, but considering how password resets actually work (email links, 2FA, captchas etc), it’s hard to see this being scalable in any realistic way. not to talk of the whole new box of security vulnerabilities it opens (prompt injection and all smh)

@MKBHD I have a feeling this will work with 1/8th of the sites in Password Manager, due to the fact most sites have anti-automation/anti-scrape features; this feature requires that kind of automation and it'll likely be blocked

@MKBHD Changing my password on its own?

Excuse me? Considering the amount of normies that use Apple it is crazy to think this will not cause more issues than solve problems🤔

@MKBHD "Go to a website and change that insecure password to a secure one"

... they became the one who they were fighting

@tomuiux @MKBHD Bro…..

@MKBHD I can never trust Apple Passwords after an incident I had with it, long story short, it deleted the 2FA for an important account I use, called Apple and they were useless, Bitwarden is a lot more reliable.

@MKBHD Yeah, but you're locked into whatever password app you're using.

@MKBHD I'm deleting that app as soon as I get the update then. That sounds like a future issue

@MKBHD Conclusion is not true. One is welcome to copy the password to another password vault.

That aside, I use 2 vaults - Apple Passwords and another one. I keep them in sync. I don't want my password to be in just 1 app.

Same for photos - iCloud and another Cloud.

@trrr4ce @MKBHD I’ve got some great news for you if you decide to do that

@MKBHD Probably the most useful thing Apple has done in 10 years

@yehiaabdelm @AdityaKMehrotra @MKBHD Nah the agent and model actually most likely never see the password. The device's harness probably uses a token/dummy and when the model fills the password field with the new password (dummy token), the harness swaps that on the fly for the actual new password.

@MKBHD Is it just me or it feels like there is a small chance there is a crazy vulnerability there cuz login by itself and changing password sounds nuts