Passwords & Privacy

Securely store and share your passwords and get notified when your passwords are weak, reused, or may be part of a data leak.


Passwords can securely store your saved account information such as your passwords, passkeys, one-time passwords, and associated user names or email addresses. When you are prompted to enter your account information, such as in an app or within a website, Passwords may automatically help you enter your information. Information stored in Passwords is encrypted on your device, and cannot be viewed by Apple.

Passwords may suggest actions for you to take to improve the strength of a password. For example, Passwords may inform you that a saved password is weak, is reused across multiple accounts, or is commonly used. These suggestions are based solely on processing that occurs on your device.

The Detect Compromised Passwords feature in the Passwords app may also inform you if one of your passwords has been compromised in a data leak, without revealing your accounts or passwords to Apple. This feature uses strong cryptographic techniques to regularly check derivations of your password against a list of leaked passwords in a secure and private manner. Apple will send to your device a list of common passwords that are present in data leaks. For your passwords that are not in this list, Passwords will send information calculated from your passwords to Apple to check if the passwords may be present in a data leak. You will receive a warning for any passwords that are determined to possibly have been included in a data leak. Your actual passwords are never shared with Apple, and Apple does not store the information calculated from your passwords. You can disable this feature at any time by going to Settings > Apps > Passwords > Detect Compromised Passwords.

If you have iCloud Passwords & Keychain enabled, you can share passwords, passkeys, one-time passwords, and associated information with others, including groups. When you share information in the Passwords app with a group, anyone in that group will be able to modify or delete the entry. When someone joins a group, they will have access to all entries shared to the group. When someone leaves a group, they keep any entries they shared with the group, but lose access to entries shared by others in that group. Sharing of entries is end-to-end encrypted, and Apple cannot view the entries you share.

Information deleted in the Passwords app can be recovered for up to 30 days, unless removed earlier.

Passwords may display an icon next to an entry. If the entry is related to a website, the icon may be obtained from that site by downloading the icon using two separate relays operated by different entities. The first knows your IP address, but not the icon Passwords downloads. The second knows the icon you are downloading, but not your IP address, instead providing a generalized identity to the destination. This way, no single entity has the information to identify both you and the icons you download.

At all times, information collected by Apple will be treated in accordance with Apple’s Privacy Policy, which can be found at www.apple.com/privacy

Published Date: November 6, 2024