
hajime

macrumors 604
Original poster
Jul 23, 2007
7,921
1,311
Hi, I just picked up my iPad and noticed a warning message on the screen about compromised passwords. Clicking on it showed the Passwords app on the left and under "Detect Compromised Passwords", there is a list of 100+ accounts with either of the following:

"This password has appeared in a data leak, which puts this account at high risk of compromise. You should change your password immediately."

"Many people use this password, which makes it easy to guess."

I use uncommon passwords but it says that many of my accounts have passwords used by many people. It also seems to report that many of my passwords have appeared in a data leak.

What is going on? Is there something wrong with the Passwords app? Has my Passwords app been hacked?

I am using iPad OS 16.1. Returned several Macs in the past. I always followed the procedure recommended by Apple with the addition of erasing the entire SSD and reinstalling the OS.
 

galad

macrumors 6502a
Apr 22, 2022
610
492
No, the message says the websites had been hacked, not the Passwords app.
 

Reverend Benny

macrumors 65816
Apr 28, 2017
1,186
932
Europe
First of all, if you care about security and a bug-free user experience, update your devices to the latest supported version. It's currently 16.7 if you wanna stick to iPad OS 16.

And as the password app says, your password has been leaked.
It could potentially be a bug in iPadOS reporting it incorrectly, but I doubt it, as they do these checks against external sources.

You can always double check your account against https://haveibeenpwned.com/
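Added example, not part of any post in this thread and not Apple's implementation: one way a password can be checked against an external breach corpus without the password itself being sent, using the hash-prefix range format of haveibeenpwned's Pwned Passwords service. `ConstructedRangeServer`, its sample passwords and its counts are constructed stand-ins so the code runs offline.

```python
import hashlib

def split_for_range_query(password):
    """Return (5-char prefix, 35-char suffix) of the upper-case SHA-1 hex digest."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def parse_range_response(body):
    """Parse 'SUFFIX:COUNT' lines; skip malformed lines and zero-count entries."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if not sep or len(suffix) != 35 or not count.isdigit():
            continue
        if int(count) > 0:
            counts[suffix.upper()] = int(count)
    return counts

def breach_count(password, fetch_range):
    """How often the password appears in the corpus; 0 means not listed."""
    prefix, suffix = split_for_range_query(password)
    body = fetch_range(prefix)  # only the 5-character prefix leaves the device
    return parse_range_response(body).get(suffix, 0)

class ConstructedRangeServer:
    """Offline stand-in for a breach-corpus service (constructed sample data)."""
    def __init__(self, leaked):
        self.seen = []       # everything the "server" ever receives
        self.by_prefix = {}
        for pw, n in leaked.items():
            prefix, suffix = split_for_range_query(pw)
            self.by_prefix.setdefault(prefix, []).append(f"{suffix}:{n}")

    def __call__(self, prefix):
        self.seen.append(prefix)
        filler = ["0" * 35 + ":0", "not a valid line"]
        return "\r\n".join(self.by_prefix.get(prefix, []) + filler)

if __name__ == "__main__":
    server = ConstructedRangeServer({"password": 1234, "letmein": 7})
    for candidate in ("password", "letmein", "x7#Lq9!vTz2@pRm4"):
        print(candidate, "->", breach_count(candidate, server))
    print("server saw only:", server.seen)
```

The comparison against the returned suffixes happens locally, so the service learns only a five-character hash prefix shared by many unrelated passwords.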
 

mmkerc

macrumors 6502
Jun 21, 2014
303
162
This warning is becoming fairly common as many sites have been hacked, and as mentioned, Apple notifies you when your passwords are either common or listed on external sources as being hacked.

The question to ask is: do you care about the accounts that have compromised passwords? By that I mean many sites are now requiring you to log in. For sites where I am not doing any monetary transactions, and that are just information (download manuals, blogs, etc.), I don't care. This is not to say you should not change the password, but I will change it with my normal rotation of changing passwords (generally once a year).

For financial sites, or sites with personal data (ex. medical info) I will change immediately.

The only other comment I have is you should not use easily picked passwords, or passwords with relations to you (children's names, birthdays, etc.). I suggest you use something like a favorite novel, and use a combination of random page #, # word on page, and a symbol (i.e. 56Mobile! - page 56, the 56th word on the page, symbol). I also use a password storage app to help remember these passwords.
 

davedev100

macrumors member
Jun 11, 2009
33
0
I just noticed this too. I use strong passwords unique to each site but Passwords is saying hundreds of my sites have compromised passwords. I’m skeptical because this would mean this is the biggest data breach ever.
 

Saturn007

macrumors 68000
Jul 18, 2010
1,595
1,480
What you're reporting is strange and unsettling.

As to a password app, I'd recommend using Apple's own Keychain app. Use its recommended Strong passwords for websites, and store them in Keychain in iCloud.

That makes all your devices capable of using the passwords, nothing to remember, and far harder to hack passwords than things you might come up with.

Also for financial and other critical sites, turn on two-factor authentication.

I review those alerts about passwords frequently and change any needed. Sometimes, however, a reused password is flagged, but that’s typically because two versions of a company's login page are active, so naturally it's the same password for both. Those I don't change.

Let's see what others have to say about this. You could, in the meantime, contact your password app's developer and ask what's going on!
 

Thirio2

macrumors regular
Jun 27, 2019
200
131
Maryville, IL
I usually ignore those warnings as phishing attempts. I use strong passwords that I store locally (on paper). If anything was hacked it would be the website.
 