In iOS 12, Apple has introduced new password-related features that are designed to make it easier for iPhone and iPad users to create strong, secure, and unique passwords for app and website logins. In this guide, we'll show you how to use two of those features: automatic strong passwords and password auditing.

icloud keychain
Automatic strong passwords ensures that if you're prompted by a website or app to make up a password on the spot, Apple will automatically offer to generate a secure one for you. Password auditing meanwhile flags weak passwords and tells you if a password has been reused for different account login credentials. Here's how to use the two features.

How to Use Automatic Strong Passwords in iOS 12

  1. Launch Safari and navigate to the site asking you to create new login credentials, or launch a third-party app asking you to sign up for a new account.
  2. Enter a username or email address in the first field.
  3. Tap on the Password field – iOS will generate a strong password.
    ios 12 automatic strong passwords

  4. Tap Use Strong Password to accept the password suggestion and save it to your iCloud Keychain.

Pro tip: Next time you need one of your passwords, you can ask Siri. For example, you could say: "Siri, show me my BBC password." Siri will then open up your iCloud Keychain with the relevant entry, but only after you authenticate your identity with a fingerprint, a Face ID scan, or a passcode.

How to Identify Reused Passwords in iOS 12

  1. Launch the Settings app on your iPhone or iPad.
  2. Tap Passwords & Accounts.
    ios 12 password auditing 1

  3. Authenticate via Touch ID, Face ID, or your passcode.
  4. Scroll down the list of passwords and tap on any entries with a triangular warning symbol.
    ios 12 password auditing 2

  5. Tap Change Password on Website to open the associated website and make the change.

Note that the last screen shows you on which other websites you've used the same password.

Pro tip: You can share passwords with other people directly from the iOS Password Manager via AirDrop. Simply tap the password field and an option to AirDrop the login will appear. The login can be AirDropped to any device running iOS 12 or macOS Mojave.

Related Forum: iOS 12

Top Rated Comments

Kip_ Avatar
85 months ago
The old version using 4 groups of 3 characters has a possible max of (62^3)^4 or 3.22x10^21 combinations.

The new version using 3 groups of 6 characters has a possible max of (62^6)^3 or 1.83x10^32 combinations.

This assumes that the groups are made up of any of the 26 lower case letters, 26 upper case letters and the 10 digits. If we eliminate i,I,l,L,o,O,1,0 that reduces to 54 possible characters and values of 6.14x10^20 and 1.52x10^31 respectively.

I'm reasonably assured they're not going to get guessed by knowing that the dash is in a particular place.
Score: 7 Votes (Like | Disagree)
Infinite Vortex Avatar
85 months ago
Personally I'm not a big fan of this type of thing for a number of reasons…

1) At no time do you, or will you, know your password. So what do you do when you need to use that auto-generated password outside of Safari or something that has access into the Keychain?

2) There is no means to access the saved passwords outside of fully connecting to your iCloud account on an Apple device. So if you lose/damage your iPhone (or iPad or Mac) and don't have another Apple device available you that you are able to connect to iCloud as a primary account you are completely locked out of EVERYTHING until you replace that Apple device with another Apple device. Clever on Apple's part but infuriating the moment the customer realises it.

3) Each time you want to access a password you need to use a credential that protects ALL of your other credentials. This means that primary credential is used more often making it more susceptible to "breach". Credentials are typical most at risk at the point/time of entry so the more you need to use it the more at risk it is.

4) It is all highly presumptive that everything is working right.
Score: 7 Votes (Like | Disagree)
Fall Under Cerulean Kites Avatar
85 months ago
I prefer not to use automatically generated passwords because they eventually are reversed engineered.
Really? There are plenty of easier and more likely vectors than “reverse engineering” the password generation mechanism.

As long as it doesn't force me to use excessively long and confusing passwords, I'm ok with this. I know many sites, institute insanely long and complex passwords so this may be helpful
This is the world we’re heading to. Away from simple passwords that can be memorized and on to machine-generated passwords which are complex enough to thwart brute-force hacking. Look at SSL/TLS. Sure, these use certificates, but it’s a similar idea. Machine-generated, machine-stored, machine-entered authentication. Personally, I welcome it, as I would argue no one can reasonably generate and remember secure, unique passwords for all of the services they use.

Can you edit that strong password? There are a lot of stupid websites that don’t take passwords longer than 10 characters or accept the dashes.
If it doesn’t exist already, this will be a feature of future password managers. It would be trivial to screen-scrape and/or keep a database of password requirements, and generate a compliant password based on that knowledge.
Score: 6 Votes (Like | Disagree)
ignatius345 Avatar
83 months ago
As long as it doesn't force me to use excessively long and confusing passwords, I'm ok with this. I know many sites, institute insanely long and complex passwords so this may be helpful
Passwords only feel "excessively long and confusing" if you're trying to remember them. If you're using a password manager you trust and have on you all the time, you can ditch memorability as a factor and make them as hack-resistant as possible.
Score: 5 Votes (Like | Disagree)
jonblatho Avatar
85 months ago
If it doesn’t exist already, this will be a feature of future password managers. It would be trivial to screen-scrape and/or keep a database of password requirements, and generate a compliant password based on that knowledge.
Apple already does this ('https://twitter.com/_inside/status/959549503920660480').
Score: 5 Votes (Like | Disagree)
Mr. Heckles Avatar
83 months ago
I prefer not to use automatically generated passwords because they eventually are reversed engineered.
This has to be the dumbest excuse ever not using this. Really?
Score: 5 Votes (Like | Disagree)

Popular Stories

iPhone 17 Pro Dual Tone Horizontal 1

iPhone 17 Pro Launching This Year With These 8 New Features

Tuesday January 28, 2025 11:48 am PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices. iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models as of January 2025: More aluminum: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models ...
airpods 4 blue

Apple Finally Explains How to Install New Firmware on Your AirPods

Monday January 27, 2025 11:17 am PST by
Apple regularly releases new firmware for the AirPods, AirPods Pro, and AirPods Max, but the company has historically provided limited information on how to initiate an update. That changed today, and Apple updated its AirPods firmware support page with more specific instructions. Prior to today, here's what Apple said on the subject: Firmware updates are delivered automatically while your...
tvOS 18 Thumb 3

Apple Releases tvOS 18.3

Monday January 27, 2025 10:00 am PST by
Apple today released tvOS 18.3, the newest version of the tvOS 18 operating system that came out in September. tvOS 18.3 comes more than a month after Apple released tvOS 18.2, and it is available for the Apple TV 4K and the Apple TV HD models. tvOS 18.3 can be downloaded using the Settings app on the ‌Apple TV‌. Open up Settings and go to System > Software Update to get the new software....
M6 MacBook Pro Feature 1

5 Reasons to Wait for Next Year's MacBook Pro

Monday January 27, 2025 4:25 am PST by
Apple in October 2024 overhauled its 14-inch and 16-inch MacBook Pro models, adding M4, M4 Pro, and M4 Max chips, Thunderbolt 5 ports on higher-end models, display changes, and more. That's quite a lot of updates in one go, but if you think this means a further major refresh for the MacBook Pro is now several years away, think again. Bloomberg's Mark Gurman has said he expects only a small...
ipad january sale

Amazon's New iPad Sale Has Up to $300 Off M4 iPad Pro, M2 iPad Air, and iPad Mini 7

Tuesday January 28, 2025 7:32 am PST by
Today we're tracking a few iPad discounts on Amazon, including the new iPad mini 7, M2 iPad Air, and M4 iPad Pro. These deals include multiple all-time low prices on Apple's tablets, matching the prices we tracked over the holiday season in many cases. Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us...
iPhone 17 Air Size Feature

iPhone 17 Air Design, Specs, and More: All the Rumors So Far

Wednesday January 29, 2025 4:00 am PST by
This year, Apple is expected to discontinue the iPhone "Plus" device in its iPhone 17 lineup to make way for an iPhone "Air," so-called because of its thin profile. Below is a compilation of every rumor and leak we have registered from reputable sources thus far about Apple's new entry in its flagship smartphone lineup. iPhone 17 "Air"? About the Name There has been some uncertainty...
iPhone SE 4 Thumb 1

iPhone SE 4 to Have Notch Instead of Dynamic Island

Tuesday January 28, 2025 1:49 pm PST by
The upcoming iPhone SE 4 will feature a notch instead of the Dynamic Island, respected display analyst Ross Young said today. The device will have a "notch like the iPhone 14," according to Young, which contradicts a recent leak that depicted a Dynamic Island. Earlier this month, leaker Evan Blass shared images said to feature the iPhone SE 4's design, but those images featured an iPhone...