Today a Safari pop-up suggesting password for apple.com and others have appeared in a data leak. I have not clicked on where it suggests I can remedy this but when I go into Safari > Preferences > Passwords, I do see an ! on numerous sites. I deleted and/or changed these passwords but really, is this a thing?
Thank you!
MacBook Air 13″, macOS 12.3
Yes. That is a thing. If the password you are using is detected in a data leak Apple will let you know.
It means that a password you are using with a specific website was part of a data leak at some point. It does not mean your specific password has been used to access whatever website or service it was associated with in the leak however, just that it was part of the leaked data.
The recommendation is to update the password to one that has not been used before.
Link-> Passwords & Privacy - Apple Support
...Your device may also inform you of passwords that may have been compromised in a data breach. This feature uses strong cryptographic techniques to regularly check derivations of your passwords against a list of breached passwords in a secure and private way that doesn’t reveal to Apple your accounts or passwords. Apple will send to your device a list of common passwords that are present in data breaches. For your passwords that are not in this list, your device will send information calculated from your passwords to Apple to check if the passwords may be present in a data breach. You will be warned about your passwords determined to possibly be in a data breach. Your actual passwords are never shared with Apple, and Apple does not store the information calculated from your passwords. You can disable this feature at any time by going to Settings > Passwords > Security Recommendations.
Yes. That is a thing. If the password you are using is detected in a data leak Apple will let you know.
It means that a password you are using with a specific website was part of a data leak at some point. It does not mean your specific password has been used to access whatever website or service it was associated with in the leak however, just that it was part of the leaked data.
The recommendation is to update the password to one that has not been used before.
Link-> Passwords & Privacy - Apple Support
...Your device may also inform you of passwords that may have been compromised in a data breach. This feature uses strong cryptographic techniques to regularly check derivations of your passwords against a list of breached passwords in a secure and private way that doesn’t reveal to Apple your accounts or passwords. Apple will send to your device a list of common passwords that are present in data breaches. For your passwords that are not in this list, your device will send information calculated from your passwords to Apple to check if the passwords may be present in a data breach. You will be warned about your passwords determined to possibly be in a data breach. Your actual passwords are never shared with Apple, and Apple does not store the information calculated from your passwords. You can disable this feature at any time by going to Settings > Passwords > Security Recommendations.
If I understand the ! (Exclamation Point ) in you posting is correct ?
That is an indication of two things
1 - That specific Password is weak as in easily guessed by Bad Actors
2 - That specific Password has been used by the User ( you ) on several other Websites and should really be changed
SueBah wrote:
I deleted and/or changed these passwords but really, is this a thing?
Yes, Change Passwords preferences in Safari on Mac provides additional details.
Beat me to it 😄
Is Safari pop-up legit
