Passwords

[The_Auryn]

I just upgraded to Monterey for the first time and noticed a new item in the System Preferences App called Passwords. It sort of resembles keychain access but it a bit different. Out of the hundreds of passwords I have stored in Keychain, it's tell me about 50 of them have been "compromised due to a data leak."

I'm curious what exactly this means (besides the obvious). How does Apple get access to this information and if there were data leaks from 50 companies that put my password out into the jungle, why haven't I received a single email from any of these companies informing me of that?

 

[Rigby]

You can find a detailed explanation of how it works here:

Password Monitoring

Password Monitoring matches passwords stored in the Password AutoFill Keychain against a continuously updated list of passwords known to have been leaked.

support.apple.com

I don't know where specifically Apple gets the data, but there are many large "dumps" of breach data out there, and they may also be working with sites like Haveibeenpwned.

Regarding the number, are these all unique passwords or are you reusing some?

 

[The_Auryn]

@Rigby All are unique, and I religiously change all my passwords every year. I just find it amazing that in this day and age, with encryption etc., that so many companies are experiencing data leaks. Is it just sloppiness on their part? I noticed that most of the data leaks are from smaller companies, Adobe, Micromat, etc. None of the leaks seem to be from banks, credits cards, or brokerages, luckily.