iCloud Keychain seems unsafe... is it just me??

[jhnnyby]

I've just set up iCloud keychain because I was trying to find a safe way to keep all of my passwords. However, I find it VERY unsettling that anyone who knows my iPhone passcode (or computer login for that matter) can easily see all of the stored passwords. You would think Apple would allow the users to use a password other than their login for their device to see all the store keychain passwords... Am I missing something?? I want to use this feature but man, your stuff seems so vulnerable! I'd love some input or solutions that make your stored passwords either non-viewable or only viewable with a password other than your login.

(Same goes with passwords saved in Safari on your mac... Changing the login Keychain does the trick for revealing passwords in Keychain, but with Safari it remains that simply your login reveals any password)

 

[sbailey4]

I use KeePass. It works with Windows too so store your database in the cloud (Onedrive or iCloud) and can use it both from the iDevice or PC. (the database is local to either device) so if stored in cloud you can open the most current version always. Supports touchID as well as a passcode or master password on Windows PC. Assume same for Mac.

 

[jhnnyby]

I use KeyPass. It works with Windows too so store your database in the cloud (Onedrive or iCloud) and can use it both from the iDevice or PC. (the database is local to either device) so if stored in cloud you can open the most current version always. Supports touchID as well as a passcode or master password on Windows PC. Assume same for Mac.

Thanks for the response. do you use Keypass or Keepass?

 

[sbailey4]

KeePass Sorry

 

[electronicsguy]

I've just set up iCloud keychain because I was trying to find a safe way to keep all of my passwords. However, I find it VERY unsettling that anyone who knows my iPhone passcode (or computer login for that matter) can easily see all of the stored passwords. You would think Apple would allow the users to use a password other than their login for their device to see all the store keychain passwords... Am I missing something?? I want to use this feature but man, your stuff seems so vulnerable! I'd love some input or solutions that make your stored passwords either non-viewable or only viewable with a password other than your login.

(Same goes with passwords saved in Safari on your mac... Changing the login Keychain does the trick for revealing passwords in Keychain, but with Safari it remains that simply your login reveals any password)

guess what: you can put 10 more passwords on everything, and someone will complain about that too. If you lose your physical keychain - anyone who gets it has access to your home, car and office key. Can't be helped. If someone knows your iphone passcode, then for practical purposes, that person is *you*. Why shouldn't you be allowed to look at your own passwords?

 

[CTHarrryH]

There are certain site that I don't store on keychain - like bank ones. I do use it to store things such as MacRumors and similar sites.

 

[mildocjr]

Just keep your password secure and you don't have to worry. I keep my iCloud password safe as much as I do my bank information safe.

 

[GalFieri]

If it's a concern to you, don't share your passcode or password.

I use 1Password as my password manager (alternatives being LastPass, Dashlane, KeePass, and the list goes on) instead because of the 1Password app extension that makes it available in Safari (and Safari View Controller) as well as apps that have built in support for it (https://blog.agilebits.com/1password-apps/).

But for many people, iCloud Keychain is just fine. And it's not really insecure because the only real vulnerability is if you let other people know your passcode and/or password. Using any other sort of solution is the same deal. If anyone knew what my master password for 1Password was, all my information is vulnerable.

 

[mildocjr]

I don't know about the encryption techniques that are used but I do know that as iCloud Keychain has the ability to store credit card information, it has to use the same level of encryption that banks use. (all thanks to PCI-DSS) If it's good enough for your bank then you shouldn't have to worry about it. I can't justify the use for 1password for myself, however it's mainly for users who want their passwords shared between operating systems.

 

[bushido]

i dont even understand how the password works lol is it tied to my apple id? everytime i reset one of my iDevices it is like "do u want to keep using this password or the old one?" i am like huh? its the same as before.

i also dont get why wifi passwords are saved in the keychain on mac but not on iDevices. if its save to store your logins and credit card informations it should be save enough to store wifi passwords.

or in other words why does a reset all settings wipe all my wifi passwords on ALL of my devices yet credit card infos etc remain

 

[kch50428]

iCloud Keychain is more secure than using a credit card at a restaurant where the waitron takes your card... goes off to their processing machine to complete the sale and returns with your card with a slip to sign...

 

[mildocjr]

i dont even understand how the password works lol is it tied to my apple id? everytime i reset one of my iDevices it is like "do u want to keep using this password or the old one?" i am like huh? its the same as before.

i also dont get why wifi passwords are saved in the keychain on mac but not on iDevices. if its save to store your logins and credit card informations it should be save enough to store wifi passwords.

or in other words why does a reset all settings wipe all my wifi passwords on ALL of my devices yet credit card infos etc remain

Ok the general idea of your apple ID is
user@icloud.com
under this you have:
--iCloud Photos
--Notes
--Mail
... etc...
--Keychain
Under keychain you have
----Passwords for websites
----Wi-Fi passwords
----Credit card info

All of this is stored in your Apple ID and is copied down to your device when you activate the devoce. Why your wi-fi passwords aren't getting saved is beyond me, as I've only had to set it once.

The reason why a reset resets your device and not your passwords is because you don't reset your Apple ID just the phone it is attached to.

Your Apple ID resides on a secure server somewhere in Apple's cloud (datacenter). You copy everything about your Apple ID when you log on to a new device.

When you reset that device you wipe the device but you don't wipe the data stored in Apple's cloud.

 

[NoBoMac]

Why your wi-fi passwords aren't getting saved is beyond me, as I've only had to set it once.

To ditto this, my Mac's wi-fi network list is chock full of access points the Mac has never been near to, but have connected to via my iPhone.

 

[C DM]

iCloud Keychain is more secure than using a credit card at a restaurant where the waitron takes your card... goes off to their processing machine to complete the sale and returns with your card with a slip to sign...

To be fair, at worst that's one account that could be used for someone else to buy something that generally the credit card company won't hold you responsible for, but that's about it. Having account passwords compromised, well, that seems like a bigger issue. That said, as far as any of that actually happening, it's not really a likely scenario either way.

 

[GalFieri]

i dont eve,n understand how the password works lol is it tied to my apple id? everytime i reset one of my iDevices it is like "do u want to keep using this password or the old one?" i am like huh? its the same as before.

i also dont get why wifi passwords are saved in the keychain on mac but not on iDevices. if its save to store your logins and credit card informations it should be save enough to store wifi passwords.

or in other words why does a reset all settings wipe all my wifi passwords on ALL of my devices yet credit card infos etc remain

iCloud Keychain SHOULD be syncing WiFi passwords to your iOS devices. It's odd that it's not for you.

And yeah, the Reset Network Settings erasing WiFi passwords from all your devices is such a strange design decision. Probably an oversight?

I don't know about the encryption techniques that are used but I do know that as iCloud Keychain has the ability to store credit card information, it has to use the same level of encryption that banks use. (all thanks to PCI-DSS) If it's good enough for your bank then you shouldn't have to worry about it. I can't justify the use for 1password for myself, however it's mainly for users who want their passwords shared between operating systems.

Eh, I wouldn't say 1Password is mainly for people who want to store passwords across multiple operating systems. 1Password is just a much more powerful tool in general. Each login can have notes and multiple fields, you have a much more powerful and customizable password generator, you have time-based one-time passwords built-in, you can sort everything by tags and folders, you can store other kinds of information and data like driver license information and passport information and such, they monitor for database leaks and alert you when you should change your passwords, etc.

And now there's 1Password for Teams and Families so that multiple people can share certain logins with control over access and whatnot, so parents can share financial account information only with each other but share Netflix and WiFi passwords with their kids.

 

[bushido]

iCloud Keychain SHOULD be syncing WiFi passwords to your iOS devices. It's odd that it's not for you.

And yeah, the Reset Network Settings erasing WiFi passwords from all your devices is such a strange design decision. Probably an oversight?



Eh, I wouldn't say 1Password is mainly for people who want to store passwords across multiple operating systems. 1Password is just a much more powerful tool in general. Each login can have notes and multiple fields, you have a much more powerful and customizable password generator, you have time-based one-time passwords built-in, you can sort everything by tags and folders, you can store other kinds of information and data like driver license information and passport information and such, they monitor for database leaks and alert you when you should change your passwords, etc.

And now there's 1Password for Teams and Families so that multiple people can share certain logins with control over access and whatnot, so parents can share financial account information only with each other but share Netflix and WiFi passwords with their kids.

they do sync but if i do a "reset all settings" on my iPhone for example it also whipes all my wifis ive ever been connected to and i have to fill in the passwords again. i tried to disable keychain before doing a reset but no luck my device still forgets all the wifis which makes all my other devices forget the wifis too

 

[mildocjr]

Well as a test you can go out to some generic public wifi connect to that and see if it shows up on your other devices, you also might be having problems if you are using an Apple ID that does not end with @me.com or @icloud.com

 

[bushido]

Well as a test you can go out to some generic public wifi connect to that and see if it shows up on your other devices, you also might be having problems if you are using an Apple ID that does not end with @me.com or @icloud.com

i actually made a threat about this in the past on here and i just assumed its the normal behavior judging by those comments

https://forums.macrumors.com/threads/reset-all-and-wifi-password.1945375/

 

[cynics]

Anytime you consolidate all your passwords into a central location with access from a single passcode it's a huge security risk! Why use different passcodes if it only takes one to access them all?

The flip side is it extremely convenient.

If you are going to use it make sure your passcode on ALL devices is complicated.

 

[rigormortis]

i got into an argument about wifi passwords and iCloud keychain with an apple engineer. i think if you have questions then ask them. it was my understanding that when an iOS or mac connects to a wifi access point the wifi password gets PUSHED to the other devices. however. these passwords are not in the iCloud keychain that apple stores. so if you erase your iPhone and then download apple's iCloud keychain, the wifi passwords are gone

this seems to happen to me on the iPhone when i erase it.
but i haven't tested it thoroughly

 

[mildocjr]

I always figured they were in the iCloud Keychain because after I'd reset my phone (or get a new one) all my wi-fi settings would be ready to go.

 

[rigormortis]

i was testing the watch pretty thoroughly , and it looks to me like every time the watch powers on, the iPhone sends its wifi keychain to it, it seems to me that the watch keys keeps wifi passwords in ram
[doublepost=1460487453][/doublepost]

I always figured they were in the iCloud Keychain because after I'd reset my phone (or get a new one) all my wi-fi settings would be ready to go.

yeah i don't understand it fully. i have had to keep wifi passwords in notepad and type them in again
[doublepost=1460487547][/doublepost]maybe the wifi passwords as i post about earlier was based on an earlier version of iOS. i think ill test this tomorrow!
[doublepost=1460487882][/doublepost]how the apple watch works is you tell your iPhone to forget the wifi network. turn your iPhone off. the apple watch will stay connected to the wifi network , and be happy. until you turn it off. once you turn it on , it no longer know the wifi password. and it will be offline

as soon as turn you on the iPhone, and give it its password, it is pushed to the watch over bluetooth and the watch reconnects

bluetooth seems to be the mechanism that the iPhone uses to push its keychain to the watch

this keychain seems to be the entire keychain. because you can take your watch that you just set the password too and take it to the coffee place and it will connect to it without the need of your iPhone nearby..

its weird. i can turn off the bluetooth on the iPhone , without forgetting the password and reboot the watch and it still connects to wifi. weird. so i guess its not in ram after all

 

[GalFieri]

Anytime you consolidate all your passwords into a central location with access from a single passcode it's a huge security risk! Why use different passcodes if it only takes one to access them all?

The flip side is it extremely convenient.

If you are going to use it make sure your passcode on ALL devices is complicated.

That's technically true, but the alternative being remembering complex passwords for ALL of your accounts is unreasonable. And if you decide to record/write them any of them down, then you're creating a security risk too. That's why you should be using two-step authentication at the very least (true two-factor authentication ideally) whenever possible to mitigate this issue.

And your master password for your password manager shouldn't be something simple and easy to crack anyway.

 

[cynics]

Don't know if this is a data point that helps anyone but when I need to put all my devices on a new wifi network I will type it into my iPhone and connect. Then I will just connect the Mac and/or iPad to the iPhone via instant hotspot for a minute. This will sync the wifi passwords, so I'll disconnect from the hotspot and then onto the new wifi network. That might sound complicated but its not and its much easier then typing in a complicated wifi password 3 times.

When I reset network settings I seem to lose all my wifi passwords across all my devices. I've only done that once and it was a headache. Even the Mac I was working on when I reset network settings dropped its wifi connection. I'll avoid that situation in the future.
[doublepost=1460493061][/doublepost]

That's technically true, but the alternative being remembering complex passwords for ALL of your accounts is unreasonable. And if you decide to record/write them any of them down, then you're creating a security risk too. That's why you should be using two-step authentication at the very least (true two-factor authentication ideally) whenever possible to mitigate this issue.

And your master password for your password manager shouldn't be something simple and easy to crack anyway.

Two-anything authentication isn't useful for the topic at hand.

If I have the passcode to your Mac and/or iPhone I have every login name, password and credit card number you have stored in Apples Keychain.

That is the issue the OP has and its a very valid issue.

Its not uncommon for someone to get a computers login passcode simply by asking. "Hey can I use your computer for a second?" sorta deal. Someone that doesn't know Apples Keychain wouldn't expect that single passcode would be the key to every single secure thing they have.

 

[GalFieri]

Two-anything authentication isn't useful for the topic at hand.

If I have the passcode to your Mac and/or iPhone I have every login name, password and credit card number you have stored in Apples Keychain.

That is the issue the OP has and its a very valid issue.

Its not uncommon for someone to get a computers login passcode simply by asking. "Hey can I use your computer for a second?" sorta deal. Someone that doesn't know Apples Keychain wouldn't expect that single passcode would be the key to every single secure thing they have.

I don't use OS X. Doesn't Keychain Access prompt you for a password when you try to access it? If this is the case, then if someone's asking to use your computer, just enter it for them but don't give them the password itself. Are passwords that are stored in Keychain actually visible anywhere outside of Keychain Access?

In iOS, I believe it prompts for Touch ID or a passcode when you try to actually access that data in the Settings app, so you shouldn't be giving that away either.

It's not a security issue on Apple's end because it's ultimately the user willingly giving up their passcode or password. What is Apple supposed to do other than to tell people not to share their passcodes or passwords? They've already made a step towards eliminating passwords through Touch ID, but they can't force third party services to use fingerprint authentication everywhere.

And two-factor authentication IS relevant to this. If someone does try to steal someone's login info and then access that account elsewhere, two-factor auth would stop it (unless that person holds onto the device).

What is your alternative other than using a different password manager with a master password (or PIN code if the app, like 1Password, allows) that is different than your iCloud or OS X account password? Writing them all down somewhere? Storing it somewhere which essentially doesn't protect your data any differently either?