"This password has appeared in a data leak" notice on iPhone

Password.

They should say that then, not something untrue.

Believe what you want, you can also check google password manager to see if any of your passwords have been compromised.

Did you also use the password check at havibeenpwned.com?

Open the Keychain app. It has a tendency to create multiple copies of user ID/password pairs for the same accounts. So it’s possible that it is the same password that appears multiple times.

The document linked below was updated this month. A "Password Monitoring" section is on p.116:

Apple Platform Security

õ¿õ¬

[Edited: To correct link to PDF]

You will never find the culprit.

Look at the news, many websites and companies are breached.

Many of them don't follow best practices of security by salting and hashing passwords.

It is estimated that 15 billion passwords are available to buy on the dark web.

Your best bet is to use a password generator to create a unique password for each and every website.

iOS has one built in, keychain:

https://support.apple.com/guide/iphone/automatically-fill-in-strong-passwords-iphf9219d8c9/ios

You can also use a service such as 1password or lastpass.

But I was just curious, culprit as joking it’s not that serious.

And we would know this how?

I want to find the culprit for me now having to change my password used on 59 other sites

Your statement certainly looked serious.

Interestingly, iOS showed me a breach for an account that other websites do not detect as a being hacked.

I checked with avast, f-secure, and haveibeenpwned. None of them show that particular login account for a 3rd party service as being breached, but iOS. I guess Apple is deeper in the darknet than other, so to speak 😉.

I really appreciate this new service from Apple. Well done!

Sorry, I did not mean to offend you.

I checked different security websites. There is discrepancy between Apple data and publicly available data. Apple should be more transparent and needs to be consistent.

I did not mean to kill the messenger 😉

So your explanation as to how Apple knows a password has been breached when no other public website - whose whole purpose is to list breached passwords - doesn't know is what exactly ? Go ahead, .... let's see how much sense YOU make.

I came here to look for an answer as this is a very serious issue. And luckily, I found my answer.

But if I still had questions regarding this thread, I wouldn’t dare ask. A couple of higher level ladies/gentlemen gave informative, teaching answers with references and I thank you.

So I am assuming this is the result of the latest security updates. Thank you again.

What’s going on - everyday I seem to be getting this message even after I-have updated my password.

I go into FB and I find my account is active 90 miles away - do a security check with FB nothing wrong but apple keeps saying password leaked-

Thanks but Lawrence - I have updated my password nearly every few days and the password is not used on similar accounts - so it does not make sense. I could understand if it was the same - I have relied on Apple providing protection now I am thinking of getting a third party protector - seek your opinion

Have you got any basis for that assertion, that apple has access to lists other websites don't ? that Apple's list is larger ? Or are you just guessing. If you are right it is astonishingly anti-social of Apple not to share their lists with havibeenpwned - they're saying you can only find out if your password is compromised by buying one of their products.

I changed one of my supposedly compromised passwords to something unique and it still said it had appeared in a data leak. My guess is it is a bug in their system.