| ▲ | seaal 5 hours ago |
| >Fix passwords with a tap.
>The Passwords app alerts you to weak or compromised passwords and can update them on your behalf without the hassle. Finally, I hope this works well. Personally one of the worst things to deal with. |
|
| ▲ | nixpulvis 4 hours ago | parent | next [-] |
| Apple Passwords reliably updates passwords in its database before the password is confirmed to be actually changed. I've been locked out of accounts many times to this. They really need to focus on these basic UX issues. |
| |
| ▲ | umpalumpaaa 4 hours ago | parent | next [-] | | 1Password gives you access to previous passwords you had for that reason. Unfortunately not for other fields like email, notes etc… IMHO the perfect password app could just keep all previous versions of any field until the user deletes the history. | | | |
| ▲ | lxgr 4 hours ago | parent | prev | next [-] | | Does it at least store the old password for a while in some archive, like most competitors do? | | |
| ▲ | vmladenov an hour ago | parent | next [-] | | It goes in the “View History” section of a password entry, with an option in the 3-dot menu for “Clear History”. Not sure how long this is kept | |
| ▲ | nixpulvis 3 hours ago | parent | prev [-] | | Not at all. |
| |
| ▲ | bouke 3 hours ago | parent | prev [-] | | Yep. I get anxious when Safari starts to offer a new password for an existing account. Having access to previous passwords would be such great UX, but no, no such thing. |
|
|
| ▲ | xp84 4 hours ago | parent | prev | next [-] |
| I'll believe this when pigs fly. There's a 0% chance it will work. Most websites I've seen have one or all of: * Force you to use email or SMS as a "second factor" to unlock changing password even if you know the old password * A stupid idea of password complexity usually requiring one of a finite set of 5-8 "special characters" which is often only revealed after you've chosen a password that doesn't have them. Or in some cases even banning characters other than the ones they check for. There's a standard for this where you put a regex on the password field, which a good password manager will always use, but the kind of idiots who think limiting the entropy of passwords to increase security is the correct way to do things almost NEVER implement this. * A maximum password length, even as short as 16 characters in many cases * CAPTCHA etc. Any effort spent on this would be better spent elsewhere, including even educating other companies on how passkeys should be used. |
| |
| ▲ | mimischi 2 hours ago | parent | next [-] | | Some of your points are addressed by: https://github.com/apple/password-manager-resources | |
| ▲ | 2 hours ago | parent | prev | next [-] | | [deleted] | |
| ▲ | charcircuit 2 hours ago | parent | prev [-] | | They may be limiting entropy to make it easier for users to remember their password. A user that can't log in is most likely one that will churn. | | |
| ▲ | xp84 23 minutes ago | parent [-] | | I don't think firms like the electric company or (payroll company) ADP are worried that I'll churn. Also, the Venn diagram of "memorable" and "reasonably secure" really only intersects in the region of "Correct horse battery staple" phrases -- and the problematic sites I'm talking about nearly always limit length, which thwarts that type of password terribly. What is the purpose of maxlength on a password?? These shouldn't be stored in any form other than a hash, so unless long enough to pose a DoS threat during the hashing process, length is truly none of their business. |
|
|
|
| ▲ | avarun 5 hours ago | parent | prev | next [-] |
| 1Password has been able to do this for five+ years. Frankly, it doesn't even really need agentic AI, although a talented team could probably make it perform better with agentic AI. I don't really believe in Apple being that quality team. |
| |
| ▲ | nozzlegear 4 hours ago | parent | next [-] | | > I don't really believe in Apple being that quality team. Why? | | |
| ▲ | avazhi an hour ago | parent | next [-] | | Maybe observing Siri for the past 10 years? They have no expertise in this area and their software quality as never been worse. | |
| ▲ | iknowstuff 2 hours ago | parent | prev [-] | | its clear from their efforts thus far (image playground jesus fuck) that AI and even prompt engineering talent actively flocks away from them |
| |
| ▲ | sleepybrett 4 hours ago | parent | prev [-] | | I mean every api/app/website has a different way to do this. If there was a standardized api that everyone could conform to to allow this automation I would be all for it. I assume 1p does this by writing custom code/rules for dealing with the most popular sites out there and then erroring out for anything else. AI could potentially help solve those unpopular site/app/whatever edgecase. | | |
|
|
| ▲ | sanex 5 hours ago | parent | prev [-] |
| I hope they don't feed the actual password into the model. |
| |
