Password in data leak

Hi, I’ve just checked on my passwords section on my iPhone 11 and it’s telling me my password has been detected on a data leak and telling me I should change most of my passwords... is this right? Do I change them by clicking the link from my phone?

iPhone 11, iOS 14

Posted on Nov 17, 2020 12:12 PM

Question marked as Top-ranking reply

Posted on Feb 24, 2021 6:14 AM

Kimmsolo wrote:

Hi, were you able to identify what it meant? I just got that pop up today too. One where it showed all my apps saying that they’re at risk and that I should change the password. It said password leaked. I’m really worried that someone actually has access to my passwords. Did you solve the issue?


Please skim the replies in this thread.


Solving this issue involves changing one or more of your existing passwords to new and unique and preferably more robust passwords.


Getting warnings—each warning can have details of what happened—usually means a password was re-used across more than one website or service, and one (or more) of the places where that password was used—often with an email address to identify the user—leaked the email address and the associated password.


People (now including Apple) are building up databases of the email addresses, and each password associated with that address.


Some like Apple are notifying their users. Others are nefarious, and are using these same server breaches and the passwords exposed, and are trying these passwords across other services; what’s sometimes called “cramming”.


What to do?


Change your exposed password(s) to a new and unique value.


To see which passwords are involved:


If you’re on iPad or iPhone, use Settings > Passwords > Security Recommendations

On macOS, Safari > Preferences > Passwords can show you warnings on passwords


Some folks here might fear viruses and virus warnings and the “YOU HAVE A VIRUS” pop-ups, but it’s duplicated / re-used passwords that are how a whole lot of us are getting in trouble.
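Added example, not part of the reply above and not Apple's implementation: a small Python audit showing why one leaked email/password pair puts every site sharing that password at risk, and how reuse alone is flagged. The site names, email address, passwords and the `digest` and `audit` helpers are constructed for illustration.

```python
import hashlib
from collections import defaultdict

def digest(password: str) -> str:
    # Hash used only to compare values in this example, not for password storage.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

# Constructed sample data: (site, email, password) as a password manager might hold it.
SAVED_LOGINS = [
    ("shop.example", "pat@example.com", "Sunshine2019"),
    ("forum.example", "pat@example.com", "Sunshine2019"),
    ("bank.example", "pat@example.com", "Sunshine2019"),
    ("mail.example", "pat@example.com", "v9#Lq2!xTz7pW"),
    ("news.example", "pat@example.com", "kittens"),
    ("video.example", "pat@example.com", "kittens"),
]
# Constructed breach dump: one site leaked one email/password pair.
BREACHED = {("pat@example.com", digest("Sunshine2019"))}

def audit(logins, breached):
    """Return {site: status}; a leaked pair taints every site sharing that password."""
    by_password = defaultdict(list)
    for site, email, password in logins:
        by_password[digest(password)].append((site, email))
    report = {}
    for pw_hash, entries in by_password.items():
        leaked = any((email, pw_hash) in breached for _, email in entries)
        for site, _ in entries:
            if leaked:
                report[site] = "leaked"   # change now, on every site listed
            elif len(entries) > 1:
                report[site] = "reused"   # not leaked yet, but one breach exposes all
            else:
                report[site] = "ok"
    return report

if __name__ == "__main__":
    for site, status in sorted(audit(SAVED_LOGINS, BREACHED).items()):
        print(f"{site:15} {status}")
```

A single breached pair marks three sites as leaked here, which is the pattern behind warnings that list many apps at once.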

41 replies

Feb 28, 2021 8:51 AM in response to Lawrence Finch

Lawrence Finch wrote:

There were many hundreds of businesses hacked in the past few years, so if you had an account with any of them your password was stolen as part of the attack. There is no way to know which of these corporate security breaches your account data was specifically stolen from, but if you know where you used the compromised passwords you can probably figure it out.


FWIW, the website linked previously does indicate which dump(s) included the email credentials.

Jan 18, 2021 5:05 PM in response to Jamiewells394

I received the same notification on my iPad Pro in December 2020. I had just bought the iPad a few months prior, so I only had a couple dozen passwords to change, which I did. What is more troubling to me is that now, a month after I changed my passwords and used them a few times each, I’m now getting the exact warning notification again on a handful of websites that I just changed the password last month. Is anyone else experiencing this?

Feb 19, 2021 2:36 PM in response to Hatty1001

I used the Safari-generated, strong password yesterday to update one of my frequently used websites. I did this from a new MacBook Air (Big Sur 11.2). Today, as I was troubleshooting synch issues between Mac and iPhone 12, the iPhone password manager warned me that this same website password had been compromised - the 'strong' password that I just updated yesterday. And I confirmed that both phone and laptop saved the new Safari-generated pw. No one else uses my devices. I guess it's possible that in less than 24 hours there was a data leak - or is there a glitch in the password manager that is giving me this warning message?

Feb 20, 2021 3:43 PM in response to lantaul

lantaul wrote:

I know this makes sense but what happens in a type of situation where your phone is stolen or lost or broken and then you have to use a loaner or try and set up new phone... is keychains or the autogenerated passwords going to be accessible?


With iCloud Keychain enabled, yes.


With iCloud backups or with local backups, yes.


If you’re fond of operating without backups, then no.


But without backups, photos and other contents can (will) be lost when a device is lost or stolen or damaged, too.

Feb 20, 2021 4:41 PM in response to lantaul

lantaul wrote:

I know this makes sense but what happens in a type of situation where your phone is stolen or lost or broken and then you have to use a loaner or try and set up new phone... is keychains or the autogenerated passwords going to be accessible?

You can sync the replacement phone to iCloud to sync the passwords stored in Keychain. If you are really worried when you have Keychain generate a password you can look it up in Settings/Passwords and write it down or save it to a document or (password protected) spreadsheet.

Feb 20, 2021 4:51 PM in response to Lawrence Finch

Thank you for your response.

No, so if I wanted to change alllllll of my passwords to keychain... I would never get an alert or warning of a leak?

And if I choose to change them all I would have to do each one individually... Log in to each website and go through settings and try and figure out this keychain thing? Gosh, I hate I don’t know how to use all of the bonus features to my phone. Or pretty much all technology. Geez!! Lol
