Los informes de una fuga masiva de datos de 100 millones de cuentas en T-Mobile deberían alentar a cualquier usuario de Apple a volver a verificar la contraseña y la seguridad de la cuenta. A continuación se explica cómo hacerlo con Keychain.</p><h2><strong>Llavero ICloud al rescate</strong></h2><p>El administrador de contraseñas integrado de Apple se llama iCloud Keychain. Almacena de forma segura la información de su cuenta guardada, como nombres de cuentas y contraseñas en todos sus dispositivos conectados. Automáticamente ingresará esta información cuando acceda a una aplicación o servicio.
It is a useful tool to help manage better security habits. Many prefer to use cross-platform services like LastPass, Dashlane, or 1Password for this task, even though these same services can be vulnerable to attack. Apple has iterated on its password management tool since its introduction. Starting with iOS 14, it now warns you of the following security weaknesses:
- Weak passwords: When you use a password that is used a lot or is easy to guess. Passwords are considered easy to guess when they use words found in a dictionary or use common character substitutions, keyboard patterns, or sequences like 1,2,3,4. You will also be prompted to change your password if you are using the same password to access multiple sites.
- Disclosed passwords: When a password appeared in a data breach, like the one recently revealed at T-Mobile. This system uses a constantly updated and organized master list of known leaked passwords. Password Manager uses strong cryptographic techniques to check your passwords against broken password lists so your own passwords are never shared.
- Here is more information on how it works.
How to use iCloud Keychain
Set the system in Settings > iCloud > iCloud Keychain on iOS devices, or System Preferences > Apple ID > iCloud > iCloud Keychain on Mac. Just switch the feature to On. Once you've enabled it, Keychain will collect your passwords across all your devices when you access websites and services while it's in use.
How to check the strength of your password
To verify the password strength in iCloud Keychain, follow these steps:
On a mac
- Open Safari.
- From the Safari menu, open Preferences, then choose Passwords.
- You'll need to sign in to access your passwords using Touch ID, your Mac password, or by authenticating with your Apple Watch.
- You will see a list of sites that use a weak or exposed password, indicated by a yellow warning triangle.
- Double-tap this triangle to find the reason the password is being flagged and to find a link to the affected site where you can change it to something more secure.
- You can also press Details to access this information.
- Touch Delete to remove a password.
On an iPad or iPhone
The system is better on iOS because it makes the information you find more visible. To check the status of your passwords on iPhone or iPad:
- Open Settings > Passwords.
- You will need to sign in with your password or Touch/Face ID.
- You'll find an alphabetical list of your passwords, with a section titled Safety recommendations on top.
- la Safety recommendations This section usefully informs you about the number of risks detected.
- Touch it and you'll find a toggle to disable the compromised password detection system, which I suggest you don't use.
- You'll also find a complete list of all your most compromised passwords, what the problem is, and why you need to fix it.
- Touch any item in the list to learn more about that password, with a link that takes you directly to the website where you can change it to resolve the issue.
Note: Deleting a password in iCloud Keychain doesn't actually delete your account; you must do it yourself on the affected site.
What else does Apple do?
Apple in 2020 made a collection of password management development resources available to the open source community. This includes collections of websites known to share a common login system, links to parts of certain websites where users change passwords, and information about the specific passwords allowed by certain services. The company also provides the Sign In with Apple system, which can use Face ID and/or Touch ID and your Apple ID to create highly secure logins. Starting with iOS 15, Apple will also integrate Google Authenticator into the system, which means you'll be able to generate verification codes for additional login security. If a site offers two-factor authentication, you'll be able to set up verification codes under Passwords in settings and these should be filled in automatically when you sign in to the site. Apple is also rolling out a new passkey system that can be used to replace passwords with biometric (Touch/Face ID) authentication. Apple takes security seriously (most of the time) and, like most big tech companies, is now working to develop an infrastructure that will replace passwords with other forms of login access. However, we're not quite there yet, and the latest data breach should be reason enough for any corporate user to confirm that their passwords are still secure. Follow me on Twitter or join me on the AppleHolic bar & grill and Apple discussion groups on MeWe.
<p>Copyright © 2021 IDG Communications, Inc.</p>