Feed
 

iCloud keychain and passkeys

Avatar Richard I
Can anyone explain why Apple seems to want me to enable iCloud keychain in order to be able to use passkeys?
(-I only want passkeys to be accessible on selected devices, not on all my devices)

I have looked on the Apple help pages but they just concentrate on how to do it -not why
Thanks!

Re: iCloud keychain and passkeys

Avatar Mick Burrell
It's because everyone except you wants it on all devices ;-)

Re: iCloud keychain and passkeys

Avatar Tony Still
I only have a subset of my passwords on my phone and would hope to do the same with passkeys. My reason is that the phone goes out and about with me and the keychain is unlocked while I'm using the phone so it's wide open if it should be snatched.

My other excuse is learned paranoia...

Re: iCloud keychain and passkeys

Avatar Richard I
I wish to do exactly the same as Tony describes. unfortunately, it seemed to me that if you wanted to use pass keys you had to enable iCloud Keychain and therefore allow all your other passwords to be accessible by your other devices.
I am more than happy to be proved wrong!

Re: iCloud keychain and passkeys

Avatar Tony Still
The new '26' OSs apparently offer export/import of individual Passkeys between two devices (including Macs, iPhones and iPads). This looks like a method of moving selected Passkeys between two devices that have separate (ie not iCloud) Keychains.

So that's two of us that can now indulge in our paranoid security practices!

Re: iCloud keychain and passkeys

Avatar Richard I
Thanks, Tony! That’s useful Info. Interestingly, soon after I read your reply, I read an article on Apple news which suggested that soon you’ll be able to share passkeys with non-Apple devices too.
Ref: “ With iOS 26, Apple is finally solving one of the biggest passkey headaches”

Re: iCloud keychain and passkeys

Avatar Rick Churchill
Perhaps we need a refresher topic on what could be stolen when our phone is snatched and is "open". I have assumed face recognition would prevent unlawful access.

Not till October though when I am able to rejoin AUGs

Re: iCloud keychain and passkeys

Avatar Mick Burrell
A method to minimise the risk of unlawful access was covered by David Moon at some of the meetings, about three or four months ago. David or I will be happy to run through it with you when we next see you.

Re: iCloud keychain and passkeys

Avatar Tony Still
Hmm, I think I'm wrong about the keychain being open when the device is unlocked: I tried a website log-in on my phone and was prompted for an ID (FaceID) before it would auto-fill. That's good, though there's lots of other data open on an unlocked device.

It does depend on your level of paranoia though. The data is still on the device and protected only by the (fallback) 6 digit passcode. It's a bit like giving your data to a website, it's perfectly secure right up to the moment that they lose it (M&S, Co-Op, Adobe, ...); if they don't have it, they can't lose it.

On the subject of exporting passcodes from Keychains in xxxOS 26, I believe what Apple is implementing is a standard so should be readable in Android, Windows etc once everyone has their implementations in place. Finally an end to writing passwords on scraps of paper, though if I was a yellow sticky, I wouldn't be feeling threatened quite yet!
 
Feed