New Apple iPhone app proves how difficult it is to crack online passwords | Wilnesh News

For years, cybersecurity experts have predicted the death of passwords online as more advanced login features, from facial recognition to multi-factor authentication, become more common. But Apple seems to have accepted that passwords aren’t going away anytime soon. The new Password app, launched earlier this week at Apple’s WWDC 2024, is another solution to help protect online accounts and manage multiple logins. This doesn’t change the fact that keeping all your login information in one place still poses risks.

“Passwords are really hard to get rid of,” said Andras Cser, vice president and principal analyst at Forrester.

The new Passwords app for iPhone, iPad, Vision Pro, Mac and Windows lets users store all their passwords, including verification codes, app passwords, Wi-Fi passwords, keys and more. The product is similar to other password managers on the market, including 1Password and LastPass.

“You can’t underestimate the power of a pre-built solution like this with built-in password security,” said eMarketer senior analyst Gadjo Sevilla. “That’s probably going to attract the majority of Apple customers to the feature. It’s convenient and it’s right there.”

Passwords are a risky method of online security

But that doesn’t change the fundamental concerns about users relying on passwords as their default method of online security.

“Here’s the move: eliminate the need for any password manager and simply move to push notification-based authentication, biometrics or key-based one-time passwords,” Cser said. “Giving up your passwords may be the right message, rather than using a free or upgraded password manager.”

Password hacking attacks are on the rise, IBM reports 71% growth Number of attacks using valid passwords in 2023 compared to 2022. Verify login. This helps eliminate the biggest cybersecurity risk: People often have poor password hygiene, including using the same password across accounts, which means if that password is stolen, a hacker will have access to all of them.

Apple’s key system Keychain is only applicable to products under its iOS operating system. This new password app includes more system compatibility, including Windows and different types of login authentication. The company hasn’t said it will include any Google or Android passwords, which include many accounts.

A password manager, such as the Apple Password app, can securely record different passwords, passwords, and logins under secure accounts. They do provide extra protection: Research from Security.org found that people who don’t have a password manager are three times more likely to fall victim to identity theft. But neither the free nor the paid version of the manager can completely eliminate risk.

“They’re Band-Aids or wraps,” Chesser said. “Passwords are very vulnerable and already have a role to play in protecting any kind of application or resource and data. So, no matter whose tool you choose, it’s going to put all your eggs in one basket, right?” ”

As of press time, Apple had not responded to a request for comment.

There are concerns that if Apple holds all the digital keys to everyone’s passwords, people may be more vulnerable if the company is hacked. It’s not impossible: Apple’s iCloud was hacked in 2014, resulting in the leak of many celebrities’ private photos. LastPass was hacked in 2022, but customer data was not stolen.

“One of the security concerns ever is that anyone who gets your Apple ID and password can access your iCloud Keychain or Passwords app, because that’s really the key authentication required to securely access those stored passwords,” ” said Sevilla.

Apple, personal data, and privacy

Still, protecting large amounts of personal data is nothing new for Apple, and it has a relatively good track record of building its brand around privacy. It also takes a tough stance on sharing information with unauthorized third-party apps. Early changes starting with iOS 14.5 require users to opt-in to data sharing and block tracking apps, which is detrimental to digital advertising companies like Facebook that rely on this information for ad targeting.

“Apple is a services company,” Sevilla said. “They have billions of credit card numbers. You can’t underestimate the effort they put into securing the locks, and those are tied to Apple IDs, Apple passwords. So I think if you follow that example, they’re probably considered better than standalone apps. The procedure is much safer.

Broader data-sharing issues were raised at WWDC about Apple’s partnership with OpenAI, which Apple uses to allow Siri to access ChatGPT. Some, including Musk, worry that allowing OpenAI to access Apple user data could constitute a potential security breach. OpenAI uses user data and behavior to train its artificial intelligence models.

While this is highly unlikely because users share passwords with Apple and Apple shares data with OpenAI, cybersecurity experts say it poses at least a theoretical risk that OpenAI could use logins to view personal data to for its learning purposes.

Apple reiterated its commitment to data privacy at WWDC 24. sex. Apple said that if a request needs to be sent to a cloud server, it will only send a limited selection of data in an “encrypted” secure manner.

“We’re not going to send this data to some cloud,” John Giannandrea, Apple’s senior vice president of machine learning and artificial intelligence strategy, said at the event. “Because we want everything to be very private, whether it’s running locally or in the cloud.” This is how we want it to be run so we can use your most personal data.”