Hi, I’ve just checked on my passwords section on my iPhone 11 and it’s telling me my password has been detected on a data Leak and telling me I should change most of my passwords... is this right? Do I change them by clicking the link from my phone?
iPhone 11, iOS 14
Kimmsolo wrote:
Hi were you able to identify what it meant ? I just got that pop up today too . One where it showed all my apps saying that they’re at risk and that I should change the password. It said password leaked . I’m really worried that someone actually has access to my passwords. Did you solve the issue ?
Please skim the replies in this thread.
Solving this issue involves changing one or more of your existing passwords to new and unique and preferably more robust passwords.
Getting warnings—each warning can have details of what happened—usually means a password was re-used across more than one website or service, and one (or more) of the places where that password was used—often with an email address to ide tify the user—leaked the email address and the associated password.
People (now including Apple) are building up databases of the email addresses, and each password associated with that address.
Some like Apple are notifying their users. Others are nefarious, and are using these same server breaches and the passwords exposed, and are trying these passwords across other services; what’s sometimes called “cramming”.
What to do?
Change your exposed password(s)to a new and unique value.
To see which passwords are involved:
If you’re on iPad or iPhone, use Settings > Passwords > Security Recommendations
On macOS, Safari > Preferences > Passwords can show you warnings on passwords
Some folks here might fear viruses and virus warnings and the “YOU HAVE A VIRUS” poo-ups, but it’s duplicated / re-used passwords that are how a whole lot of us are getting in trouble.
I’ve just had the same...
Have you gotten in touch with them yet about it?
my “Keychain” is now accessible without a permit . how do I create security for this one in particular without having security overkill everywhere else?
Not permit - PW
Me Too!
Unfortunately, websites and servers are hacked all the time, so it’s unfortunate, but it is a fact of life in the 3rd millennium.
My Apple ID or iCloud mail were not breached but my Gmail email has been breached by 3 places : Houzz, Modern Business Solutions and My heritage
The same thing happened to me which got me thinking that maybe my entire phone is hacked... is that possible and if so what should I do?
Yes, it’s happened to my iPhone too.
It’s a new feature built into iOS 14.
From iOS 14 User Guide (https://support.apple.com/en-ie/guide/iphone/iphd5d8daf4f/ios):
iPhone also securely monitors your passwords and alerts you if they appear in known data leaks. If you don’t want iPhone to perform this monitoring, go to Settings > Passwords > Security Recommendations, then turn off Detect Compromised Passwords.
Ever heard about ‘have i been pwned?’ service? If not then look it up. As this is pretty much what you iPhone is doing; it is checking if any of services you have account has been pwned then possibly checks date last time you updated your password. If date of your last password update is greater than date when service was pwned then you’ll see the warning on your device.
You shouldn’t re-use the same password on different services. Use iCloud Keychain, or other password manager to generate passwords for you.
Password in data leak
