If you aren't using a third-party password manager, you should be at least using Safari Passwords. This allows you to create strong unique password for your online accounts without having to remember or type them. You can even use those password on your other Apple devices through iCloud.
You can also watch this video at YouTube.
Watch more videos about related subjects: Safari (150 videos), Security (133 videos).
You can also watch this video at YouTube.
Watch more videos about related subjects: Safari (150 videos), Security (133 videos).
Video Transcript
Hi, this is Gary with MacMost.com. Today let's take a look at using the built-in Safari Password Manager.
MacMost is brought to you thanks to a great group of more than 800 supporters. Go to MacMost.com/patreon. There you can read more about the Patreon Campaign. Join us and get exclusive content and course discounts.
So to keep all of your online accounts secure you should be using strong unique passwords for each site. To do this you really need to be using a Password Manager. Now you don't need to get a third party Password Manager as you've got one built into the Safari browser on your Mac and it also talks to the Safari browsers on your other devices. So let's take a look at how it works. Here I have an example registration page. Like you're going to signup for a new website. Usually you're asked for your email as your User ID. Then you're asked to enter a password and verify it. Now, in Safari if you click here to enter in a password you may be prompted right away asking if you want to generate a random password. But even if you're not you'll look on the right here and see this little key button. Click that and you can request a password. So let's suggest a new password and you could see how Safari generates a random password and it enters it in here. Both in the password and in the confirmation field. It's so important that you use a computer generated random password like this. Anything you come up with in your head is going to be far more likely to be guessed than an actual random password. The only downside is it's hard to memorize and enter a password like this. But with a Password Manager you never have to. The Password Manager, in this case the Safari browser itself, is going to enter the password for you. You don't have to memorize it. You never have to type it.
So we see how Safari gave us a randomly generated password pretty easily. But how do we store it. Well you don't have to do anything additional to store it. All you need to do is finish the form and then Safari will remember this password. So now let's say we go back to the site and we have to login again. I'm going to click here to enter my email. You can see Safari recognizes that this is the place to enter in my ID and my password. It actually shows me a list of passwords associated with this site including the one I just entered in. So I just select this email address and it enters in the email address as my ID and the password right here. Now I click Log In and I can login. I didn't even have to see the password let alone type it.
So where can you see a list of your passwords? Well, if I go to Safari, Preferences and then I click on Passwords at the top. Then I have to enter in my User Account Password. Now I see a list of passwords that Safari has stored. You can see the User Name here and the password is hidden. Here's that one I just created. By selecting it it actually shows me the password. I can double click it or click details here to make changes if I want. Also notice I have the ability to add manually a password. I can also remove an entry there.
Now what would happen if I already have an account at a site but I haven't yet stored it in Safari. When I go to sign in it'll remember that password as well. So I'll enter in a User ID and I'll type the password that I already know. Now I'm going to type a weak password here on purpose to demonstrate. I'll click Log In. Now you get this prompt here asking whether or not you want Safari to save the password. So I'm going to click Save Password. If I click Not Now it would ask me again the next time I logged in. But the other option there is Never bother me about this password ever. Now when I go to Safari, Preferences and Passwords you could see it saved it there. Notice I have this little yellow caution symbol here. Why? Because I entered in a very weak password there and if I click on it you can see this password is easily guessed. It will also give me other security alerts. Like if the password I'm using is insecure because it's currently being used to break into accounts. In other words I didn't create a unique password. I'm reusing one or perhaps my account itself has been compromised. Whenever you see one of these caution symbols you should change the password on the website.
To do that just go to the website and go through whatever the process is for that site to change your password. When you do that Safari is going to prompt you to save the new password. Just like I showed you before when you used the password at a site for the first time. By the way, if you clicked the option not to save the password this is what you get. It saves the site with no user name and a password set to Never Saved. If you want to reset that, so you can save the password later on, all you need to do is select it and then Remove and now you'll be able to save that password the next time you log into that site.
So saving a password in Safari protects you in a few different ways. First it allows you to have a random unique password for each site which is the most secure way to do passwords. They can be these long random strings of characters because you're saving them in this Password Manager. You don't have to type them manually. Because let's face it if we had to type all of our passwords manually we would probably all use shorter passwords that look like the words, or dates, or names and you would probably reuse the same passwords over and over again. Using a Password Manager means everyone can be long, random, and unique. This also protects you from fishing attacks. The way a fishing attack works is say you get an email that seems to be from a website and it tells you there's a problem you need to log in right away. You click on a link in that email and it takes you to something that looks just like that website. You can't tell it's not! If you look at the URL maybe it's even close to the actual URL. Maybe instead of say in my example here macmost.net it is macmost.xyz123.net. You think you're at the right place. But it's somebody else's website entirely. Then you enter your email address and your password. Now they have captured your ID and password. They've stored it and they're going to go back and try to log into the actual site. How using a Password Manager like we are here in Safari protects you from that is when you go to a site like macmost.xyz123.net it will look up the actual site. You can't fool it. So it's looking for xyz123.net and it can't find a password for that site. So it doesn't give you anything here to be able to log in.
Now another great thing about storing your passwords in Safari is it syncs across all of your Apple devices using iCloud. To sync your passwords to the other Apple devices go into System Preferences and then to your Apple ID and make sure Keychain is turned on. The passwords are stored in something called the Keychain. You actually have an app on your Mac called Keychain Access that allows you to look at the Keychain. But for most users you never have to use that. Just access the passwords in the Safari Preferences. As long as this Keychain functionality in iCloud is turned on you should sync the passwords to iCloud and then to your other Apple devices like your iPhone or iPad. So when you store a website password, say on your Mac, you also have access to it on your iPhone. So here, for instance, you see me going to the same site on the iPhone and it prompts me to use the password that I've stored. Also if you go and sign up for a website on your iPhone it will suggest a password and save it so then it's available on your Mac. Also on your iPhone you could go into Settings and there you can go to the Password section and find those entries. So if you need to be able to see the password and perhaps copy and paste it into an app or maybe into a different browser you can.
So I'm often asked which Password Manager you should use on your Mac. There are a lot of good ones out there. 1Password and LastPass are really good password managers and there are others as well. But for most users, if you're not using a Password Manager now, start off by just using Safari. Let Safari save your passwords. You get the primary functionality available in all password managers built into your Mac, synced automatically without having to pay for and learn a new app. But if you want you could still use a third party Password Manager and Safari at the same time. That's what I do. When I create a new password at a site I save it in both 1Password and in the Safari Password Manager. It's easy to do so. It's just two clicks instead of one. Then most of the time I find it easiest just to let Safari enter the password in when I go to log into that site again. But I also know I've got it saved in my other Password Manager as well. But for most Mac users, if you're not using a Password Manager now, just start using Safari to save your passwords and let that allow you to have good strong unique random passwords for every website and service you use.
I use the safari password manager and it works fine most of the time but there have been times that a website rejected the random password created. Have you experienced that?
Could it be some websites have a different protocol that doesn’t accept the safari generated password? If so is there a way to make a website accept the safari password?
Thanks,
Mike
Michael: Sometimes developers make some poor decisions. I have seen sites that want a short password, or ones that don't allow some characters, etc. But those things are getting rarer. You can always take the password and manually enter a variation of it, fixing it to meet the requirement.
Great video Gary, as always. 😀
Gary, yes this works great. I went through about 4 years ago and changed all my passwords to strong ones using Safari Keychain. And yes there were/are a few sites that won’t except certain characters and a few that didn’t even prompt me for a unique password. Not sure why that happened. Great video. Thanks
Gary, I use Keychain and also One Password. The latter is driving me crazy always trying to get me to use it. Can I simply stop using that service? Is there anything i would be missing out on?
Ronald: You can stop using it, sure. If you don't need any of its unique features, then you won't be missing out. But it is hard for me to say without knowing how you use it now. Also, note there are plenty of settings for 1Password that you can customize so it appears in fewer places and only when you request it.
I stopped using 1Password awhile ago, and I'm quite happy using only the Safari/Keychain feature. Gary: Please consider making a specific Keychain video, with tips how to use secure notes, the difference between login and iCloud chains etc.
Michael: Secure notes are pretty straightforward, you just make them and access them in Keychain Access. But I don't think you can access them at all on iOS. As for login vs iCloud -- use iCloud for anything you make as login is just the local keychain for that Mac (that Mac login) and iCloud is what will be saved to iCloud and you'll see on other Macs and in iOS.
Unfortunately, I need to use my employer's Windows laptop for work and they've locked the browsers down so Safari passwords are not an option for me. I can use Firefox to sync logins on both mac and windows, which works in a pinch.
But, I tend to rely on saving passwords via 1Password on my Mac so I can access passwords via 1Password on my iPhone when I'm at my Windows laptop (God, that was a complicated sentence!). 1Pwd on my iPhone is handy for that and for secure notes.
If I am using Safari passwords, can I open a website with chrome and will safari passwords enter the password automatically?
Garth: No. Chrome has its own system using your Google account. A third-party password manager would work between both.
Is there a way to copy the Safari passwords from Safari to Chrome? Sometimes some websites almost force the use of Chrome, especially banking....thank you.
Robert: You'd think that banks of all places would want you to use a more privacy-oriented browser. You'd just have to go into Safari, Preferences and copy the password, then paste it into Chrome. But don't make the mistake of thinking that because a bank site didn't work for you in the past, that it won't work today. Give it another try. And if it still doesn't work, make Sure you complain to your bank.
Hi Gary -- great video as usual. I use Roboform as an additional password manager. One question -- when safari suggests a password -- initially -- the whole password is not visible. Can you copy and paste that password without going into System Preferences? I do use both safari and Roboform.
One draw back is with all these apps like on Apple TV or Firesticks -- typing them in really is a challenge.
Best wishes and stay safe!
Steverino: You can't copy right there and then. As for entering in passwords in Apple TV, you should get prompted to use your iPhone as a keyboard and from there you can actually access your iCloud passwords on your iPhone so you don't have to actually type it.
Hi Gary:
I also use both Safari and One Password. Is there a way to stop Safari offering a password suggestion on a new site? I find that Safari auto fills in a suggestion, but I prefer to generate with One Password. Just wondering if there is a way to shut this off.
Thanks
Scott: I don't think so. But they are easy to ignore. After all, how often do you need to set up a new account at a new site you are joining?
I watched this one with interest because I am 88 years old and was worried about remembering the generated passwords. You have convinced me to use them. The question now is how to I go about replacing the weaker passwords I have been using and is it reasonable to assume that all sites e.g., dropbox would be accessed through safari or are there many 'stand alone' sites?
Barry: You have to do it on each site in the way the site wants. So go to one site, go into your account settings / profile / user preferences or whatever they call it on that site. Then look for their "change password" functionality there.
I am interested in your thoughts regarding the security of Apple's Password Manager vs others on the market.
Deborah: All of them are way way more secure than using weak or non-unique passwords. Relative to each other they all have advantages and disadvantages, depending on how you use them. iCloud is secure enough for almost all Mac users, especially if you are using two-factor authentication.
Hi Gary
I have successfully changed many current password to the ones created.
Thanks for your recommendation ......nowever
When I try to do it on my Apple ID it will not show me the suggested long password
Hope you can help
Bert: Current password for WHAT? What do you mean by "When I try to do it on my Apple ID" -- do what (login? change password?) And WHERE, exactly? There are many places where you can do things to or with your Apple ID.
Sorry Gary, I should have been clearer
When I click on the Apple ID and select Password and Security, then select change password, an applet appears where I can type my new password but it does not show the long password created by Safari as it does with all the other apps I have successfully changed the password of
Hope this explains it better
Thanks in anticipation
Bert: Do you mean in System Preferences? You'll need to create your own password for this. Your Apple ID is one you will actually have to type from time-to-time. If you aren't using a third-party password manager, you can use a function in the Keychain Access app to create a random password. I have an old video on how to do that, but it still works pretty much the same way: https://macmost.com/creating-passwords-with-keychain-access.html