Apple did a fine job with the Password app. Hopefully in the next version they can implement some of Steve Gibbons Squirrel to make them more standard adoption.
I never save my 2FA into my password manager. Bad security practice. Always use separate app for 2FA. If somebody ever gets access to your password manager they have everything they need to get in if you combine them.
How so? How does using a separate app help? If someone has your passcode to get on your Mac (and physical access) then they can get to both places. Just having it in a separate app does not make it more secure. But it does make it much harder to enter in those codes (not automatic) so people will be less likely to opt for 2FA, which is a worse problem.
@@macmost Yes they might have access to both but depends how your 2FA is. For example you can use Authy and set a PIN code so even if they get your phone or Mac they will be stopped getting 2FA codes unless they also have your PIN. 📍. It’s another layer of security. Maybe edge case yes but paranoia in the realm of security is always my go to. Also watch this video by another popular Mac UA-cam creator from today. He got hacked by clicking on a link even though he had two factor, separate emails and passwords. Didn’t even get the “was this you” email. Scary. ua-cam.com/video/xdoafCAmHfw/v-deo.html
Gary, is it possible to share passwords only between iMac and iPad but exclude on iPhone and iWatch in case either of these latter two are stolen when out and about? Many thanks for an interesting and educational video.
No. And it would be a bad idea to do so. You want your passwords available to you on your iPhone, don't you? A Password manager is the best way to have access to them. Otherwise you'll be using simple and repeated passwords that are weak, and you'd be vulnerable to phishing. Remember your passcode on your iPhone protects everything. Find My too (for remote erase). If you are concerned about security then make your passcode on your iPhone stronger. I use a long alphanumeric password for mine (plus Face ID to make it easy).
I think the new password manager Is nice. But I would like them to add the functionality to ajust length/letters in the suggested password, as I run into site where they are to long or don't meet requirements. In my old password manager I could change this in settings.
I'd rather have those sites get complaints about that and change their forms. Having a length limit like that is very bad for security. But in the meantime, just delete a few characters off the end of the suggested password.
@@macmost Yes I also did that 👍But some sites require, for example, a certain number of numbers and a special character, or capital letters, so you need to a just for them. I noticed that most websites that have a box below the password field, where a green check mark appears for each line if you meet the criteria for the password. It is not many, but have run in to 3-4 when I changed passwords for my bookmarks.
Unfortunately the Apple solution is not available cross platforms (IOS, Mac, Windows and Android), not gonna use multiple pw managers so I’ll stick with 1password.
we need to be able to edit the website url sometimes. The url saved is not always the one we need to login from. I've got one entry that the url leads to something for employees only when it should be leading to patrons, and there's no way to change it
I think this is great but I can’t believe they didn’t add credit cards. They have their own credit Brads now it would be great to have a credit card section. I can’t see changing just yet.
I'm still using Sonoma 14.6.1 on my Mac Mini, but have a password related question. Right after I upgraded to 14.6.1, several sites I visited in Safari didn't recognize my Touch ID (Magic Keyboard). I received a prompt to type in my user ID to activate AutoFill, and after I did that, I was logged in. Sometimes after logging out and returning hours later, I'd get the same prompt to activate AutoFill - but not always. I've cleaned the TouchID key on the keyboard but that doesn't seem to have helped any. Any suggestions? Do you think upgrading to the new OS will help?
It is hard to say why you needed to enter your code at those particular times. In general, Touch ID is a shortcut for entering your password. A variety of things can trigger macOS to make you enter your passcode again, all security-related. The idea is not to be able to use Touch ID 100% of the time, but a large percent of the time.
Great video, Gary. I was hoping you would be doing one for the Password App. Would love to see a follow up with details on how to import passwords using a CSV file from another password app. Specifically, what fields get imported, and what text needs to be in the CSV file header fields? I want to do this but I have 100 plus passwords to import, many with notes I want to import
It is going to vary depending on the app you are exporting from. So not possible to do a video unless I want to dedicate a huge amount of time to using the other apps to test exporting and importing with all of them. Just try it with what you have. If you want to try a sample, it is easy to open and edit a csv file since it is just text.
Most password managers will have the option to export your data in CSV format; however not all will export the correct format. As mentioned in another comment, I had been using Roboform password manager almost since its release, however its CSV was not formatted in a way that the Passwords app could read. My workaround was to export my Roboform data to CSV, import that data to NordPass (which I had tried last year); then export from NordPass to CSV, and import that to the Passwords app.
My problem is that the same site can have multiple passwords depending on which page I am inside that site and Safari would not know which password to autofill if they are all different. It presents one of them (independent of the subpage) and I have to remember which one is assigned to which subpage. It will not deduce it from the subpage.
You get a menu in those cases. So you can choose. For instance, if you have 3 passwords for a social media site as you manage different accounts, you can simply choose which to fill in.
Yes, just create two Gmail (or any other site) entries in the passwords app and the Passwords pop-up will give you both to choose from when logging in.
@@jamesbrock_au5997 I know that. I am trying to stop another family member getting into my emails when they use another device which has my email available on.
I don't think so. I've not played with any system that allowed that, but I think the site would need to support something special, like at least passkeys, to do that.
I can see the passwords app in Finder-> Applications. But in Launchpad, It is no where. I have checked all pages of launchpad and even tried to use search in launchpad. I can access passwords app through spotlight. Same is the case with iphone mirroring app. I have tried restart and also safe mode. Can you help?
For someone who spends time working on multiple platforms, is there a way for Apples password manager to work with (share) their data safely with Windows and Unix platforms?
I don't think there is anything with Unix. But there is with Windows. support.apple.com/guide/icloud-windows/set-up-icloud-passwords-icw2babf5e03/icloud
@@macmost - Sadly it might work for some users, but not for all. Password and address book/contacts sharing between windows and Apple devices hasn’t worked in years. Sorry.
@@macmost - My CPU isn’t on the ‘supported’ list allow me to upgrade to windows 11, and as they serve their function and have proprietary software installed… they work for now under windows 10 pro. I’ve spent literally weeks trying to get it to work, Apple says it’s a Microsoft problem, Microsoft says it’s an Apple problem. I will check out that article you suggested later.
@@macmost Yes notes as part of the website you are saving passwords too but i want stand-alone secure notes that i can note down other things that doesn't need URL or passwords just stored behind a master password. Hopefully they will add this facility in the future.
@@perrysrc Not sure what website you mean. The Notes app allows you to lock notes. But also any file you create (Pages, Word, TextEdit, etc) would work. Some apps let you encrypt the document. But even if not encrypted they are still protected as part of your whole user account.
@@macmost I don’t mean the notes app. Lastpass saves websites like Apple passwords but LP also lets you save secure notes which you can attach pdf’s or photos too. What I needed to know was does Apple passwords have the secure notes function or just password saving with just a note you can add like you showed in video.
@@perrysrc Yes, I understand. I'm just suggesting that you can use the Notes app to save things like that. As of now, Passwords doesn't let you have anything but text in notes. But you can use the Notes app (and many other methods) to save secure notes with attachments.
Probably. But I don't think they reveal all the details. Is it security and privacy you are worried about? Because it is end-to-end encrypted anyway. See support.apple.com/en-us/102651
@@paulschwarz6917 Where? Were you signing up for a fresh new Apple Account? In System Settings? Not sure how that would work as you'd need to be signed out of iCloud to do that, which means Passwords wouldn't work. Very unusual situation.
@@macmost I tried to change it before signing out and it still did not provide a suggested password. Sorry for the confusion. I have locked my self out now, so I will give apple a call. Thanks for your help.
Great, informative video! I really wish you could have more control over the auto-generated passwords, like increase the length, or have it use additional special characters, like !@#$%^&*, etc. Every password is 6 characters, a dash, six characters, a dash, and 6 characters, with only ONE of those 18 non-dash characters being a number. Granted they're still very strong, but they could be stronger! The other limitation is sharing. Unless I'm missing something, you have to create shared groups for any passwords you want to share, and the password moves to that group, and becomes unavailable to any other shared group(s) you create. If I want to share a single password with one family member, and a different, single password with another family member, I have to have two separate share groups with one family member in each. If I want to share a third password with BOTH family members, it doesn't look like I can copy it into both share groups, because it only lets you put a password in one shared group at a time. I think that means I have to create a third share group and put those same family members both in it!
Email is typically a server-based service. For instance, iCloud email is in iCloud, Google email is on Google's servers, etc. So if you have become disconnected with your email provider, simply log back in.
I got rid of 1password in favor of keychain because of your video a couple years ago. So cool to have this upgrade!
Great Video! I like to use Apples Passwords Manager alongside Bitwarden for cross plattform compability
Wow !!! This is great! Been looking for a good video to help me understand password management. This is the ticket !!
Sequoia is arguably the best os update since snow leopard , really useful stuff instead of 57 new emoji's as usual
Great video as always. Really helpful!! Thank you!
Apple did a fine job with the Password app. Hopefully in the next version they can implement some of Steve Gibbons Squirrel to make them more standard adoption.
Excellent as usual, new format of video slicker 👍🙂
you are the go to man on mac! Thanks a lot for that.
Linked to a website is brilliant
Very helpful. I'd love to see a tutorial about using it on Chrome.
Very useful so much to learn! Thank you, Gary! 👏🏻❤️
Very useful information 🙏
Excellent tutorial!
Thanks Gary.
I've often thought Apple would develop a password app outside of Safari. If anything is on the short side, it is minimal support for Android.
Great info. Useful!
Thanks Gary for this video. Question. For sites that have security questions, they would go in the notes. Correct?
That’s how I’ve been doing it… would love to know if there’s a better way, but I doubt it…
Yes. Hopefully you don't come across many of those anymore.
Does it work and share passwords with Android , or windows PCs (as does Dashlane)?
(If not it is useless for me… and many others)
Windows, yes. Android, not yet.
I never save my 2FA into my password manager. Bad security practice. Always use separate app for 2FA. If somebody ever gets access to your password manager they have everything they need to get in if you combine them.
How so? How does using a separate app help? If someone has your passcode to get on your Mac (and physical access) then they can get to both places. Just having it in a separate app does not make it more secure. But it does make it much harder to enter in those codes (not automatic) so people will be less likely to opt for 2FA, which is a worse problem.
@@macmost Yes they might have access to both but depends how your 2FA is. For example you can use Authy and set a PIN code so even if they get your phone or Mac they will be stopped getting 2FA codes unless they also have your PIN. 📍. It’s another layer of security. Maybe edge case yes but paranoia in the realm of security is always my go to.
Also watch this video by another popular Mac UA-cam creator from today. He got hacked by clicking on a link even though he had two factor, separate emails and passwords. Didn’t even get the “was this you” email. Scary. ua-cam.com/video/xdoafCAmHfw/v-deo.html
Superb 🙏🏻
Gary, is it possible to share passwords only between iMac and iPad but exclude on iPhone and iWatch in case either of these latter two are stolen when out and about? Many thanks for an interesting and educational video.
Just don’t load the app on iPhone or watch.
No. And it would be a bad idea to do so. You want your passwords available to you on your iPhone, don't you? A Password manager is the best way to have access to them. Otherwise you'll be using simple and repeated passwords that are weak, and you'd be vulnerable to phishing. Remember your passcode on your iPhone protects everything. Find My too (for remote erase). If you are concerned about security then make your passcode on your iPhone stronger. I use a long alphanumeric password for mine (plus Face ID to make it easy).
I think the new password manager Is nice. But I would like them to add the functionality to ajust length/letters in the suggested password, as I run into site where they are to long or don't meet requirements. In my old password manager I could change this in settings.
I'd rather have those sites get complaints about that and change their forms. Having a length limit like that is very bad for security. But in the meantime, just delete a few characters off the end of the suggested password.
@@macmost Yes I also did that 👍But some sites require, for example, a certain number of numbers and a special character, or capital letters, so you need to a just for them.
I noticed that most websites that have a box below the password field, where a green check mark appears for each line if you meet the criteria for the password.
It is not many, but have run in to 3-4 when I changed passwords for my bookmarks.
"1 2 3 4 5" isn't secure? Crap...now I have to change the combination on my luggage.
Unfortunately the Apple solution is not available cross platforms (IOS, Mac, Windows and Android), not gonna use multiple pw managers so I’ll stick with 1password.
It is available on Windows. Maybe Android to come?
Same here, using Dashlane. At least Apple should make a web version as Dashlane does…
That’s why it provides csv imports and exports
@@geogeo6071 not a very practical solution in a family where all these OSs are in use.
I have used 1Password cross-platform on iOS, macOS and Windows for several years. It is seamless and works quite well. Can’t say about android.
we need to be able to edit the website url sometimes. The url saved is not always the one we need to login from. I've got one entry that the url leads to something for employees only when it should be leading to patrons, and there's no way to change it
You can. Edit the entry and click the website. Then add the new one. Leave both there, but you can also delete the other one if you want.
If Apple passwords adds secure notes and card management and also the ability to use passkeys on my windows device I'll fully switch.
I think this is great but I can’t believe they didn’t add credit cards. They have their own credit Brads now it would be great to have a credit card section. I can’t see changing just yet.
It is still in Safari as before (and saved in keychain). But it would be nice for them to add those to the Passwords app too. Send feedback.
well done!!
I'm still using Sonoma 14.6.1 on my Mac Mini, but have a password related question. Right after I upgraded to 14.6.1, several sites I visited in Safari didn't recognize my Touch ID (Magic Keyboard). I received a prompt to type in my user ID to activate AutoFill, and after I did that, I was logged in. Sometimes after logging out and returning hours later, I'd get the same prompt to activate AutoFill - but not always. I've cleaned the TouchID key on the keyboard but that doesn't seem to have helped any. Any suggestions? Do you think upgrading to the new OS will help?
It is hard to say why you needed to enter your code at those particular times. In general, Touch ID is a shortcut for entering your password. A variety of things can trigger macOS to make you enter your passcode again, all security-related. The idea is not to be able to use Touch ID 100% of the time, but a large percent of the time.
@@macmost I did not know that. Thanks for the quick response!
Import option only available on mac and not on iOS/iPadOS 😢
Great video, Gary. I was hoping you would be doing one for the Password App. Would love to see a follow up with details on how to import passwords using a CSV file from another password app. Specifically, what fields get imported, and what text needs to be in the CSV file header fields? I want to do this but I have 100 plus passwords to import, many with notes I want to import
It is going to vary depending on the app you are exporting from. So not possible to do a video unless I want to dedicate a huge amount of time to using the other apps to test exporting and importing with all of them. Just try it with what you have. If you want to try a sample, it is easy to open and edit a csv file since it is just text.
Most password managers will have the option to export your data in CSV format; however not all will export the correct format.
As mentioned in another comment, I had been using Roboform password manager almost since its release, however its CSV was not formatted in a way that the Passwords app could read. My workaround was to export my Roboform data to CSV, import that data to NordPass (which I had tried last year); then export from NordPass to CSV, and import that to the Passwords app.
My problem is that the same site can have multiple passwords depending on which page I am inside that site and Safari would not know which password to autofill if they are all different. It presents one of them (independent of the subpage) and I have to remember which one is assigned to which subpage. It will not deduce it from the subpage.
You get a menu in those cases. So you can choose. For instance, if you have 3 passwords for a social media site as you manage different accounts, you can simply choose which to fill in.
If you have more than one gmail account on your mac, can you set a password to move from one account to another?
Yes, just create two Gmail (or any other site) entries in the passwords app and the Passwords pop-up will give you both to choose from when logging in.
@@jamesbrock_au5997 I know that. I am trying to stop another family member getting into my emails when they use another device which has my email available on.
Hey Gary, Can this work if l want to share my password for a website with a VA but I don’t want that VA to know the password?
I don't think so. I've not played with any system that allowed that, but I think the site would need to support something special, like at least passkeys, to do that.
I can see the passwords app in Finder-> Applications. But in Launchpad, It is no where. I have checked all pages of launchpad and even tried to use search in launchpad. I can access passwords app through spotlight. Same is the case with iphone mirroring app. I have tried restart and also safe mode. Can you help?
No idea why that would be the case for you. Try a restart, at least.
For someone who spends time working on multiple platforms, is there a way for Apples password manager to work with (share) their data safely with Windows and Unix platforms?
Nope, maybe in future, for now best use 1Password
I don't think there is anything with Unix. But there is with Windows. support.apple.com/guide/icloud-windows/set-up-icloud-passwords-icw2babf5e03/icloud
@@macmost - Sadly it might work for some users, but not for all. Password and address book/contacts sharing between windows and Apple devices hasn’t worked in years. Sorry.
@@Erin-Thor Two different things (contacts vs passwords). Have you tried the new Passwords feature in iCloud for Windows?
@@macmost - My CPU isn’t on the ‘supported’ list allow me to upgrade to windows 11, and as they serve their function and have proprietary software installed… they work for now under windows 10 pro. I’ve spent literally weeks trying to get it to work, Apple says it’s a Microsoft problem, Microsoft says it’s an Apple problem. I will check out that article you suggested later.
Does it save secure notes and attachments like Lastpass?
Notes, yes, I show that in the video. No way to save files though. On a Mac you have other ways to do that anyway.
@@macmost Yes notes as part of the website you are saving passwords too but i want stand-alone secure notes that i can note down other things that doesn't need URL or passwords just stored behind a master password. Hopefully they will add this facility in the future.
@@perrysrc Not sure what website you mean. The Notes app allows you to lock notes. But also any file you create (Pages, Word, TextEdit, etc) would work. Some apps let you encrypt the document. But even if not encrypted they are still protected as part of your whole user account.
@@macmost I don’t mean the notes app. Lastpass saves websites like Apple passwords but LP also lets you save secure notes which you can attach pdf’s or photos too. What I needed to know was does Apple passwords have the secure notes function or just password saving with just a note you can add like you showed in video.
@@perrysrc Yes, I understand. I'm just suggesting that you can use the Notes app to save things like that. As of now, Passwords doesn't let you have anything but text in notes. But you can use the Notes app (and many other methods) to save secure notes with attachments.
Thanks for the video, do you know where is the data stored ? In USA or Europe for European Users ?
Probably. But I don't think they reveal all the details. Is it security and privacy you are worried about? Because it is end-to-end encrypted anyway. See support.apple.com/en-us/102651
Gary, why doesn't Apple Id or Apple Account allow you to save your password or create a password to protect your account.
Not sure what you mean. You can't have an Apple Account without a password. Where is it saying you are not allowed?
@@macmost Sorry, It did not give me the ability to generate a new password and/or save it.
I have always had to make up my own password for apple id
@@paulschwarz6917 Where? Were you signing up for a fresh new Apple Account? In System Settings? Not sure how that would work as you'd need to be signed out of iCloud to do that, which means Passwords wouldn't work. Very unusual situation.
@@macmost I tried to change it before signing out and it still did not provide a suggested password. Sorry for the confusion. I have locked my self out now, so I will give apple a call. Thanks for your help.
Great, informative video! I really wish you could have more control over the auto-generated passwords, like increase the length, or have it use additional special characters, like !@#$%^&*, etc. Every password is 6 characters, a dash, six characters, a dash, and 6 characters, with only ONE of those 18 non-dash characters being a number. Granted they're still very strong, but they could be stronger!
The other limitation is sharing. Unless I'm missing something, you have to create shared groups for any passwords you want to share, and the password moves to that group, and becomes unavailable to any other shared group(s) you create. If I want to share a single password with one family member, and a different, single password with another family member, I have to have two separate share groups with one family member in each. If I want to share a third password with BOTH family members, it doesn't look like I can copy it into both share groups, because it only lets you put a password in one shared group at a time. I think that means I have to create a third share group and put those same family members both in it!
where is the certificate and keys in the new password manager
The Passwords app doesn't handle those. If you work with those you would use Keychain Access like always.
How about showing us how to use time machine to get a email back in Sequoia. I had no luck in doing that.
Email is typically a server-based service. For instance, iCloud email is in iCloud, Google email is on Google's servers, etc. So if you have become disconnected with your email provider, simply log back in.
This is different with the Chrome browser. 8-(
There is an extension for Chrome you can get. iCloud Passwords by Apple, Inc.
Bitwarden
First
👍🏼🥇🏆👍🏾 Awesome! You win a free… 🤷🏽♂️ something… but I have no clue what. 😂
@@Erin-Thor lol 😂
@@Erin-Thor Maybe a wooden Yoyo with the string of the same metal……