Ricky MondelloJul 12, 2023

‼️🔑 macOS Sonoma brings Apple’s password manager to Google Chrome, Microsoft Edge, and other browsers using their extensions stores with the “iCloud Passwords” browser extension.

You can AutoFill passwords and one-time codes, save new passwords, and right-click QR codes to set up code generators.

If you’re running the macOS Sonoma public or developer beta, you can try it right now!

Chrome: https://chrome.google.com/webstore/detail/icloud-passwords/pejdijmoenmkgeppbflobdenhhabjlaj
Edge: Coming soon.

[*] I am not breaking news here; this is public information.

iCloud-Passwörter

Verwende mit „iCloud-Passwörter“ bei der Anmeldung auf Websites in Chrome Passwörter aus dem iCloud-Schlüsselbund.

Show threadRicky MondelloJul 12, 2023

How this works: the existing “iCloud Passwords” browser extension that Apple ships for Chrome and Edge in conjunction with iCloud for Windows works out of the box on macOS Sonoma.

We don’t have support for Mozilla Firefox at this time, but it’s a request I understand.

Show threadLeon CowleJul 12, 2023

@rmondello Passkeys. MFA codes. Password sharing. Chrome support. The Apple password team is knocking it out the park!

I think it’s time for me to review my use of a paid-for 3rd party password manager!

Show threadtaylor Jul 13, 2023
@leoncowle @rmondello imho, i still would use a third party password manager, ios has a 1 factor security model to unlock almost everything (not including physical possession )
Show threadNicolas GrillyJul 14, 2023
@tay @leoncowle @rmondello I think it is still two factors: something you have (your device), and something you are (your face or fingerprint) or you know (your passcode).
Show threadtaylor Jul 14, 2023

@ngrilly @leoncowle @rmondello I think my main problem is how much trust is put into the pincode on the device. With a pin code you can access: the phone and its data, all passkeys, saved paswords &2FA, change the Apple ID password & change 2FA.

Of course, users should keep their pin safe, but it's common for people to ask someone they know to read a text while they have their hands busy, or, you can look over someone's shoulder and read their 4/6 digit pin.

Show threadNicolas GrillyJul 14, 2023
@tay @leoncowle @rmondello I just tested again on my iPhone and my earlier comment was incorrect. I can't use the passcode to login with a passkey. I have to use FaceID. And I have to confirm the login using FaceID even if my phone is already unlocked. So there is no way someone using your phone can use that to connect to another site or app. That stuff has been really really well thought out.
Show threadtaylor Jul 14, 2023
@ngrilly @leoncowle @rmondello Nope. If you cover your face id sensor and tap the icon to retry a few times it will eventually give you the option to use your pin code. In other apps it asks you to enter the password for that app
Show threadNicolas Grilly
@tay @leoncowle @rmondello I didn't know. I just tried and it did exactly as you described. Good to know. Thanks for sharing!
Jul 14, 2023 at 4:17pmWeb