The consequence could be, that users stop using random and/or complex passwords or even stop using this feature at all. This could be a painful task when the password is randomly generated. While this is not directly security related, it has impact on the usability which can lead to bad practices which are weakening the security of the system.įor example, when one changes the password of a service on the iOS device, they also need to change it manually on the desktop. If it's not properly hardened, even more information is at risk because the access control to the password manager is done with either your pass code or biometry.Īnother disadvantage is the fact, that it's currently not possible to export the stored credentials for usage in other software. (This is already the case as far as I know)īut of course, the security of this feature also depends on the configuration of your device. If you don't trust iOS for securely managing your passwords, you shouldn't trust iOS at all because it already has access to these and even more critical information.Īlso, the password manager can use more of the security features of the device like the secure enclave for protecting the password storage. You don't have to worry about the credibility of a third party for acting responsible with your data anymore.
Overall I think the built-in password manager can be an improvement in terms of security for many casual users.įirst of all, it removes another party from the trust chain.
0 kommentar(er)
