Unlike a traditional password manager, we don’t have a lot of control over iOS password generation. But there is a manual workaround that lets us configure iCloud Keychain a bit.
Did you know that iCloud Keychain is synced with macOS’s Keychain Access utility? You can add website logins directly to Keychain Access, and have it synced to your iOS devices.
Security researcher Linuz Henze found a macOS Keychain bug but won’t share it with Apple out of protest.
Henze has publicly shared legitimate iOS vulnerabilities in the past, so he has a track record of credibility. However, Henze is frustrated that Apple’s bug bounty program only applies to iOS, not macOS, and has decided not to release more information about his latest Keychain invasion.
It is odd that there isn’t a macOS bug bounty but I think withholding security information isn’t the way to go.
If you’re using a Time Capsule or an AirPort Express or Extreme, then you should know that there’s a way to pull together all of the passwords associated with one of those devices for easy safekeeping. Screenshot this and put it in your password manager or print it out and throw it in your safe, and you’ll have all of your network info secured!
You can store more than passwords securely in Keychain Access, and Melissa Holt shows you how.