Google Productivity Pad: How to use iCloud Keychain and find your saved passwords

Tuesday, September 23, 2014

How to use iCloud Keychain and find your saved passwords

And now we are going to talk once again about a very useful, but often not understood, function of the iPhone and iPad: iCloud Keychain.



What is it?
iCloud Keychain is Apple's built in password generator and manager. If you create a new account on a website you will often see when you get the password step the option for a long and complex auto generated secure password.

This is iCloud Keychain trying to help you out. Instead of using the same password that you have used for everything since 1998, it wants you to use a secure password that nobody could guess because it is randomly generated. The only problem with a password that nobody can guess is that you cannot remember it either, but that is ok because when ever you get the website Safari will just autofill the password for you.

This way you can have a different password for every website without having to try and remember them.





How to find your password
If you need to enter your password on a site that doesn't take autofill, or into an app on your iPhone or iPad you will have to find the password iCloud made for you and enter it manually. You don't need to memorize each of these passwords because you can find them stored securely behind a master passcode on each of you devices.

To find the passwords on you iPhone or iPad go to: Settings > Safari > Passwords & AutoFill > Saved Passwords. You will be asked to enter a passcode and then you can see a list of all the websites that you have data saved for.

Choose the one you need the password for and you will see the user name and password associated with that account. Then just hold down on the password until you get the "Copy" option. Click it and then return to the app or website where you need to make the manual entry. Hold down on the entry form and choose paste.

Note: in iOS 7 you will see the list of websites before putting in you passcode, then when you click on a specific website you will need to enter your passcode.

To find the passwords on you Mac go to Safari > Preferences > Passwords. Then select the website you want from the list that appears. Then check the box "Show passwords for selected websites." You will be prompted to put in your admin password and then you will be able to copy and paste the password.

When it doesn't work
iCloud Keychain is not perfect, and it lacks some of the sophistication of other password managers like One Password and LastPass. Sometimes a website will not allow it to generate a password, and so you will have to come up with the password on your own. My suggestion is that you use a secure password generator like this one to come up with a random password and you copy and paste that in as your password for the site.

Your hope then is that iCloud Keychain will ask if it can store the password, at which point you say yes and you are good to go. If that does not happen then you need to store the password somewhere else yourself until iCloud does ask for it. In my experience iCloud normally does ask to store every password eventually, sometimes it takes 2 or 3 times of logging in first though.

Security
Is security an issue with iCloud Keychain? Sure, of course it is, any code can be broken. The point is not that it is completely safe, the point is that it is probably much safer than what you are currently doing by using the same password for every site and account.

I can't tell you how silly I think it is when people say they won't use a password manager because they think it is insecure, but they will use the same password for every website. People with easy passwords are the first target in any security breach (the ones using "password" are always the first to go).

Well I hope this has been helpful for you, and I hope it will help you take you security a little more seriously in the future. If you have any questions about iCloud Keychain please leave me a comment below. And remember, live better.

No comments:

Post a Comment