Why you are asked to enter another Apple device's passcode before using iCloud Keychain


Apple syncs passwords through iCloud, using mechanisms that keep them safe from everyone, including Apple. iCloud Keychain syncs passwords across all Apple products, including iPhones, iPads, and Macs, that are logged in with the same iCloud account. To enable it, go to Settings > Account Name > iCloud (iOS/iPadOS), the iCloud settings (macOS Mojave or earlier), or the iCloud section of the Apple ID settings window (macOS Catalina or later).

When you first set up a new iPhone, iPad, or Mac, or create a new macOS account, Apple prompts you to enter the password or passcode of another Apple device. The first time you encounter this window, it feels like malware, because it looks completely different from what you see on the Apple support site. However, it is a natural step given that Apple protects user data without having access to the user's password data.

This window may look suspicious, but it is not phishing. It is a smart authentication process for iCloud Keychain.

The iCloud keychain and other information, such as facial recognition data in Photos, are encrypted using keys stored on the user's individual devices. These keys are created by Apple's operating system, but they are stored only inside the device and are not shared or transferred elsewhere. The encrypted data can be synchronized, and only the user can decrypt it. This is why this data cannot be accessed by connecting to iCloud from a browser. Technically, there is a way to do encryption in the browser without sending the key outside the device. Some vendors, including 1Password, offer this approach in their technology ecosystem. But from Apple's side, this is not considered a sensible approach.

In iCloud Keychain, adding a device means registering it as one member of a set of devices. When a user purchases and registers their first Apple device, Apple prompts the user to enter a security code or authenticates them with an Apple ID login. Because it is the only device, no other device can be used for this step. When you buy and add a second or third Apple device, Apple handles it differently. It links the new device either by asking for the password or passcode of a previously registered device, which keeps the process short, or by extending the security settings of the first device to the second device once the user is verified.

When you enter the password or passcode of another device on iOS, iPadOS, or macOS, Apple uses it to unlock the encryption keys that iCloud Keychain requires. In this process, Apple has no access to the device password itself. The keys are encrypted on the device with that password and are decrypted only when the user enters the same password. For most users who are unfamiliar with encryption, this process can seem ambiguous and even suspicious. To ease that anxiety, Apple provides a guide to it on its website.
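The idea that a passcode unlocks keys the server cannot read can be modelled in a few lines. This is an added example, not Apple's code and not its actual protocol: the function names, the scrypt parameters, the XOR-pad-plus-HMAC wrap (a stand-in for a real AEAD key wrap) and the sample passcode are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# scrypt cost parameters chosen for this example (assumption, not Apple's values).
SCRYPT = dict(n=2**14, r=8, p=1, maxmem=64 * 1024 * 1024, dklen=64)


def _derive(passcode: str, salt: bytes):
    """Stretch the passcode into a 32-byte pad and a 32-byte MAC key."""
    okm = hashlib.scrypt(passcode.encode(), salt=salt, **SCRYPT)
    return okm[:32], okm[32:]


def wrap_key(sync_key: bytes, passcode: str) -> dict:
    """On the already-trusted device: seal the 32-byte sync key under the passcode."""
    if len(sync_key) != 32:
        raise ValueError("sync key must be 32 bytes")
    salt = secrets.token_bytes(16)  # fresh per wrap, so the pad is never reused
    pad, mac_key = _derive(passcode, salt)
    sealed = bytes(a ^ b for a, b in zip(sync_key, pad))
    tag = hmac.new(mac_key, salt + sealed, hashlib.sha256).digest()
    return {"salt": salt, "sealed": sealed, "tag": tag}  # all a sync server would hold


def unwrap_key(blob: dict, passcode: str) -> bytes:
    """On the new device: recover the key after the user types the other device's passcode."""
    pad, mac_key = _derive(passcode, blob["salt"])
    expected = hmac.new(mac_key, blob["salt"] + blob["sealed"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        raise ValueError("wrong passcode or tampered blob")
    return bytes(a ^ b for a, b in zip(blob["sealed"], pad))


def demo():
    sync_key = secrets.token_bytes(32)   # constructed sample key
    blob = wrap_key(sync_key, "482915")  # constructed sample passcode
    recovered = unwrap_key(blob, "482915")
    try:
        unwrap_key(blob, "000000")
        wrong_rejected = False
    except ValueError:
        wrong_rejected = True
    stored = b"".join(blob.values())
    return recovered == sync_key, wrong_rejected, sync_key in stored


if __name__ == "__main__":
    print(demo())
```

In this model the stored blob is only as strong as the passcode against offline guessing, which is why the key-derivation cost matters.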
