User profile for user: rgarr15
rgarr15 Author
User level: Level 1
4 points

How does apple differentiate between someone else's log in details with the same password as you being leaked? Do i need to worry about these alerts?

I have a question about password data leaks.

I've been getting alerts that my santander security number appears in data leaks, a few times now i've had these alerts- changed it, then thought things were fine and got one a couple weeks later. I've had this account for years now, but have only gotten these alerts in the last couple months

Thing is, the security number santander has you set is only 5 numbers, and i know that no matter what 5 numbers i chose there's probably someone who's data has been leaked who's used that password on something before- so are these alerts i'm getting actually to worry about?

i tested on haveibeenpwned.com and sure enough, typing in the old security code i just changed resulted in me being told it has been on several hundred data leaks. then i tried a password i used to use (that got leaked for sure), only one. then i tried a password i know has not been leaked and it came up with 0.


so, is it just alerting me because someone else's password login details got leaked at some point? or is it alerting me because my specific log in for santander were leaked? should i be worried about the security of my santander account? to log on, they'd also need to know my personal ID which is a longer string of numbers, as well as this security code.


anybody know how i can add more steps to logging into my santander account? even if i don't need to worry about the security number, it would be nice if there was more layers of security.

iPhone 14

Posted on Dec 19, 2025 2:49 PM

Reply

Similar questions

4 replies
User profile for user: rgarr15
rgarr15 Author
User level: Level 1
4 points

Dec 19, 2025 4:30 PM in response to Chattanoogan

thank you, from that article i feel like the cause of the alert probably wasn't my log in details leaked- but just the fact that it's only 5 numbers. but i don't know why it's not alerted me before as i've had my details for that bank saved for a few years. i've changed the personal ID number (username) too just incase, but yeah it does seem insecure right? with the personal ID number and the security number together, it makes it a bit harder to guess bc they'd have to guess both numbers to log in but i don't now- i've not thought of it much until now, but i don't love that both username and password are such simple things


edit: actually i just looked and i have a password set in addition to the security number, but i don't ever use it? it never once has asked me for it when i log in or send money or anything, so what it's being used for i don't know. i forget i even set one, cause it uses security number as a log in password

Reply
User profile for user: Chattanoogan
Chattanoogan
User level: Level 7
32,336 points

Dec 20, 2025 7:51 AM in response to rgarr15

I suspect that your device is automatically entering the password so you only have to manually enter the 5-digit codes.


I detest developers foisting these sorts of setups on us as when the inevitable hardware and/or software “upset” occurs …


… an individual can’t enter his needed credentials as he’s not “fully” entered them in ages.


Suggest you might consider ALWAYS using the “hardest” login method for critical / highly sensitive matters. (i.e. Always login the “hard way.”)


That way you’ll likely stand a better chance of regaining access when things “go awry.”




Reply
User profile for user: Mac Jim ID
Mac Jim ID
Community+ 2026
User level: Level 9
68,792 points

Dec 20, 2025 8:38 AM in response to rgarr15

rgarr15 wrote:
anybody know how i can add more steps to logging into my santander account? even if i don't need to worry about the security number, it would be nice if there was more layers of security.

That would be provided by Santander to provide account security. Is the security code you are referring to the one time verification code sent to your device/email? That is their Enhanced Security that will be a different code every time. The Passwords app should not be prompting you to save the one-time passcode when logging in, but if it does, don't save it as it will not be useful again to login to the site and the next code used will be different. I have not see where a verification code has prompted the Passwords app to save, but an improperly coded website labelling that as a Password will prompt the app to save it.

https://santanderconsumerusa.com/support#/articles/what-is-enhanced-security-for-myaccount----c6a2b2ef-f7ba-4f19-9a35-6373253f71d2


There are numerous messages you may see for an Account in your Passwords app, such as Easily Guessed, Used Numerous Times, and as you said Appears in a Data Breach. This is the password only as you suspect and does not mean that the combination of your Username and Password was involved in the breach, which would be much more severe. As you have seen by the haveibeenpwned.com the single password search will show any breach that has used that password, not necessarily your account.


An account such as Santander then sends a verification code would not only require your Password to be breached, but also the device/email where you have chosen to send that code. That is much more secure then a simple Username/Password method for login and is not taken into consideration with the warnings you see in the Passwords app. You can hide a security recommendation for a site in the Passwords app so it does not appear.

Change weak or compromised passwords on iPhone - Apple Support


Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

How does apple differentiate between someone else's log in details with the same password as you being leaked? Do i need to worry about these alerts?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up