Safari lets you create strong passwords and save them when you create new accounts or log into existing ones on the web. You can access these passwords in Safari preferences or using the Keychain Access app. Thanks to iCloud, these passwords can sync across your devices allowing you to use strong secure passwords on your iOS devices as well as your Macs.
1. Occasionally, when I enter a password manually, Safari does not ask to save it and it does not show up in keychain. This seems to be a random occurrence. What's going on?
2. Most of my financial accounts, banks, investments, etc. do not auto fill the password when I go to the site. This would be the most important use of the random password feature. Any logic or solution to this?
Safari only knows that a field is a password field because the website developer uses "normal" identifiers for the field. If a developer uses something unusual, then Safari has no way of knowing that it is a password field.
I also believe that some sites specifically obfuscate the field identifier, or do something else to turn off this functionality for a web page. Probably thinking that they are helping people (so they don't use this function on a "public" computer). But you'd have to have an expert review each instance on a case-by-case basis to know for sure.
Ron
10 years ago
I have been reticent to use Safari-generated passwords because I often use non-Apple computers in my adult children's homes as well as pcs in the office. I suppose I could log into iCloud each time to review the Keychain, but that seems too cumbersome. Safari-generated is great if one stays within the Apple system, but I'm not confident in its usability across other browsers. Advice?
If you have an iPhone, you could simply use the Settings app to access your Safari saved passwords so you could type them when visiting another computer.
Otherwise, your only other option is to use weak passwords that you can memorize. But that is not an option anyone should use. Better to write down the strong passwords on a piece of paper and carry that with you than to use weak passwords. Maybe leave out the last few letters of a password and memorize that instead.
Carrying around metal keys to get into your house is also cumbersome, but no one would think of just leaving their door unlocked as an alternative. Using a weak password is like leaving your door unlocked.
Depends on whether you are using a weak password or a strong one. For the best security, use a unique strong one, plus two-step: https://support.apple.com/en-us/HT204152. Then password-protect your Mac and iOS devices too, of course.
JoeAllen
10 years ago
About 10% of the time, Safari enters an incorrect password and my sign-in is rejected. When I eventually over-ride Safari with the correct password, Safari does NOT respond in any way. I think this is a BUG that Safari needs to fix.
Daniel Quinlan
10 years ago
Sometimes, the password from Keychain does not get filled in on an iPhone, but I know of no way (like Keychain) to see the password on the iPhone, and oftentimes the mac is a long way off. Do you know any way around this?
You should switch to two-step authentication to be even more secure.
brad
10 years ago
Thanks! I looked that up (what a drag). What would you use if you had no smart phone & never used the computer outside the house?
brad
10 years ago
I didn't mean, "What would you use..." meaning other than two-step authentication. I meant, "What would you use to implement that, given that I have no smart phone & don't use other networks."
If you had no phone then you can't use two-step, really. Though you can use it with an iPad or iPod touch.
I guess you are just stuck with using a very strong password and using the Keychain to remember it, or a third-party equivalent like 1Password or LastPass.
I would also caution you to not use real answers to security questions. They are too easy to guess. Answer questions like "What was the name of your high school" with random strong passwords and then print them out and store them in a safe place (or two).
George
10 years ago
How secure is this password manager compared with others like LastPass or KeePass?
I'd imagine they are about the same as I would think they would use the same basic encryption. But you'd probably need to go to a security/encryption expert for a detailed answer.
Shirley Hershey
10 years ago
How do I convert all the passwords that I have already created so that I can start all over and have Safari create new passwords and be sure they will be synched with all my Apple devices?
To use an existing password, just log in to that web site and Safari should ask to keep the password. Better than that is to use the site's "change password" function, and this time let Safari generate one for you.
Lowell Sheinkin
10 years ago
Can I use the Safari password generator with Version MAC OSX 10.7.5?
I can't remember which version of OS X it was introduced in, but I'm pretty sure it doesn't go back that far.
Rich Marloff
10 years ago
The automatic password generation feature does not seem to work for me. I've tried setting up new accounts at several sites but I do not get the password generation option when I click on the password field. The saved password option works fine. Am I missing something? Am running OS 10.10.3.
1. Occasionally, when I enter a password manually, Safari does not ask to save it and it does not show up in keychain. This seems to be a random occurrence. What's going on?
2. Most of my financial accounts, banks, investments, etc. do not auto fill the password when I go to the site. This would be the most important use of the random password feature. Any logic or solution to this?
Safari only knows that a field is a password field because the website developer uses "normal" identifiers for the field. If a developer uses something unusual, then Safari has no way of knowing that it is a password field.
I also believe that some sites specifically obfuscate the field identifier, or do something else to turn off this functionality for a web page. Probably thinking that they are helping people (so they don't use this function on a "public" computer). But you'd have to have an expert review each instance on a case-by-case basis to know for sure.
I have been reticent to use Safari-generated passwords because I often use non-Apple computers in my adult children's homes as well as pcs in the office. I suppose I could log into iCloud each time to review the Keychain, but that seems too cumbersome. Safari-generated is great if one stays within the Apple system, but I'm not confident in its usability across other browsers. Advice?
If you have an iPhone, you could simply use the Settings app to access your Safari saved passwords so you could type them when visiting another computer.
Otherwise, your only other option is to use weak passwords that you can memorize. But that is not an option anyone should use. Better to write down the strong passwords on a piece of paper and carry that with you than to use weak passwords. Maybe leave out the last few letters of a password and memorize that instead.
Carrying around metal keys to get into your house is also cumbersome, but no one would think of just leaving their door unlocked as an alternative. Using a weak password is like leaving your door unlocked.
Direct & helpful; thank you, Gary!
How secure is my icloud account against hacking?
Depends on whether you are using a weak password or a strong one. For the best security, use a unique strong one, plus two-step: https://support.apple.com/en-us/HT204152. Then password-protect your Mac and iOS devices too, of course.
About 10% of the time, Safari enters an incorrect password and my sign-in is rejected. When I eventually over-ride Safari with the correct password, Safari does NOT respond in any way. I think this is a BUG that Safari needs to fix.
Sometimes, the password from Keychain does not get filled in on an iPhone, but I know of no way (like Keychain) to see the password on the iPhone, and oftentimes the mac is a long way off. Do you know any way around this?
You can always go into Settings, Safari, Passwords & Autofill, Saved Passwords to see your passwords.
for some sites, i don't bother remembering a password & just have one emailed when i need to get in there
...apple has a reset that's a little more trouble because you have to generate a new one each time but is probably more secure
You should switch to two-step authentication to be even more secure.
Thanks! I looked that up (what a drag). What would you use if you had no smart phone & never used the computer outside the house?
I didn't mean, "What would you use..." meaning other than two-step authentication. I meant, "What would you use to implement that, given that I have no smart phone & don't use other networks."
If you don't have a way to receive two-step codes, then you can't use two-step. No way around that.
If you had no phone then you can't use two-step, really. Though you can use it with an iPad or iPod touch.
I guess you are just stuck with using a very strong password and using the Keychain to remember it, or a third-party equivalent like 1Password or LastPass.
I would also caution you to not use real answers to security questions. They are too easy to guess. Answer questions like "What was the name of your high school" with random strong passwords and then print them out and store them in a safe place (or two).
How secure is this password manager compared with others like LastPass or KeePass?
I'd imagine they are about the same as I would think they would use the same basic encryption. But you'd probably need to go to a security/encryption expert for a detailed answer.
How do I convert all the passwords that I have already created so that I can start all over and have Safari create new passwords and be sure they will be synched with all my Apple devices?
To use an existing password, just log in to that web site and Safari should ask to keep the password. Better than that is to use the site's "change password" function, and this time let Safari generate one for you.
Can I use the Safari password generator with Version MAC OSX 10.7.5?
I can't remember which version of OS X it was introduced in, but I'm pretty sure it doesn't go back that far.
The automatic password generation feature does not seem to work for me. I've tried setting up new accounts at several sites but I do not get the password generation option when I click on the password field. The saved password option works fine. Am I missing something? Am running OS 10.10.3.
Could just be the sites you have tried so far. Check your Safari Preferences under AutoFill to see if maybe you have turned something off.