With iOS 11 Apple included a new feature that makes logging into apps and web-based accounts less demanding. The mobile operating system finally includes a password manager allowing users to quickly and easily access their accounts for both apps and websites.
This means that when a login window appears – in either option – iOS 11 users will see a prompt with a key sign. Tapping that key icon will open up the saved passwords database, which is protected by the device passcode, Touch ID, or Face ID.
It has taken Apple many years to catch up with the user demand that password manager developers identified a long time ago. The desire to streamline the workflow of daily internet usage – namely logging into and out of web accounts – means that users want a service that protects their existing passwords and can generate new, more secure ones on demand. That's the role of password managers, and the function that Apple has finally brought into iPhones.
Top iPhone Password Manager Apps
On iOS the web browser doesn't play too central a role in users' digital lives, unlike on macOS: instead of using a web browser to access a range of services – such as streaming sites like Netflix or financial information with online banking – customers instead use apps developed for the platform for that specific purpose.
However, until Apple implemented the Password Autofill feature in iOS 11, password management services have become valuable tools as databases for our passwords, and their complexity has grown over the years. In fact, Apple has already taken steps towards easing the process of logging into apps by allowing iOS apps to access usernames and passwords stored in Safari, starting with iOS 11, but currently only a handful of developers support it.
As such, having an app capable of handling your passwords is still important, so we have selected three of the best password management apps for iOS, but you can always check our reviews page to find all the services we recommend.
Along with securely logging into apps and web accounts, there are two great features that make Dashlane a powerful utility, its Password Changer and the password generator. Independent of mobile browser preferences, Dashlane lets users log into websites and apps automatically. After enabling the Dashlane Extension and adding the password manager to Activities, users can automatically log into apps using this service, which supports a number of popular apps.
Better yet changing passwords is a much less time-consuming action when making use of Dashlane's Password Changer feature: just select the desired accounts saved in the password manager and let the app do the rest in a matter of seconds. It works even with multiple accounts selected, too. Dashlane is available as a free service for iOS, but to get the cross-device sync option you‘ll need to select the Premium plan, which costs $3.33 per month when billed annually.
After collecting all your passwords into the LastPass vault, it's obvious that you'll also want to access them on the iPhone or iPad as well. The iOS app enables access to this vault, making the viewing and sharing of passwords mobile.
To make LastPass work with the Chrome or Safari browsers users will first need to disable Safari autofill and add the LastPass extension to the Activities list. When logging into a web account, LastPass will prompt the user for their Touch ID (if applicable) or PIN, and present a list of available logins. Tapping any of them, will autofill the forms with the login credentials.
For this to work with app logins, developers will need to support LastPass just as is the case with Dashlane, and there is a growing list of supported apps on the LastPass website. The basic LastPass service is free and includes a free 30-day trial of the Premium plan, which costs $2 per month and includes 1GB of encrypted file storage, advanced multi-factor options, and other features.
Managing passwords, credit cards, secure notes, and other data stored in the 1Password vaults is an easy task with the iOS app. Adding the browser extension will quickly save and fill passwords in mobile Safari and supported iOS apps.
If the app does not support 1Password, then no problem; the forms can be filled in quickly using drag and drop on an iPad thanks to the multitasking feature of iOS. By marking the most frequently used logins as favorites, they will be listed at the top of the app ready for quick access.
Well-organized password data also streamlines access, so using tags is highly recommended – quite a useful feature in every day usage. As is Watchtower, which informs users about any password breaches or other security problems for any websites that you have stored in a 1Password vault.
The service costs $2.99 per month for individual users and $4.99 per month for a family of up to five people, though before users commit to the service they can try it for free for 30 days.
Password Manager vs Keychain
Both iOS and macOS have a built-in password manager that you've probably already seen, since it appears whenever you log into a website and offers to save the new credentials, so that the next time you visit the same site and try to log in it will fill these details out automatically.
The Password Autofill for apps that was introduced with iOS 11 works just like the one used with Safari, providing a way to save and then retrieve passwords stored in iCloud Keychain. After seeing that developers didn't rush to adopt its password autofill feature when it originally launched with iOS 8, Apple decided to tweak the feature to turn it into a password manager that supports apps natively, although this updated method still requires app developers to make some adjustments.
At the heart of Password Autofill is iCloud Keychain that, if enabled, will present the option to fill in logins for apps and websites in the QuickType bar, presenting the credentials in necessary fields alongside the key icon that signals the presence of this feature.
Still, it’s important to remember that iCloud Keychain and Password Autofill won’t work in conjunction with password managers such as 1Password, as Apple’s software won't have access to the data stored in the password manager's vault. These services will need the support of developers to enable quick access to their apps.
Best Password Managers of 2019
|Editor's Choice 2019|
Importing and Syncing Password Data
To protect user data when using the Password Autofill for Apps feature Apple requires developers to identify the website(s) they are affiliated with, so a secure two-way link can be created.
But this feature still locks users into the Apple ecosystem and keeps the password in the iCloud Keychain. Since mobile Safari doesn't have an option to export credentials to allow users to easily move the data into their preferred password manager, users must instead choose between two methods of importing this data.
The first option is to export the iCloud Keychain password database from a Mac into a CSV file format that is supported by the password manager, or alternatively they can capture the passwords one by one as Safari fills them in. This first method is the fastest of the two, and with the cloud-sync feature users can have their passwords on all their devices as soon as it is imported into the desktop or web-based app.
Password Security on the iPhone
iOS stores all saved passwords securely on the device, and if iCloud Keychain is enabled – the key to Apple’s built-in password manager – the data is then available across all Apple devices associated with the same user.
Autofill is enabled by default, and the user will receive a prompt to enable iCloud Keychain when adding a new device. The password data stored on the device is protected by the device passcode set by the user, and if the iPhone or iPad supports biometric identification then passwords will even be protected by Touch ID or Face ID.
While Apple has been keen to emphasize the security measures it has taken to protect user data while it is in transit and stored on servers, the service hasn't been completely flawless. The Common Vulnerabilities and Exposures (CVE) database reveals that iCloud Keychain has suffered from multiple security vulnerabilities, exposing customers to hacker attacks.
Apple has been acting quickly to patch these vulnerabilities out by issuing software updates and working with the security researchers who first reported these flaws, but in the end it all comes down to trust: who are you going to trust with all the sensitive data that you have collected and stored in one basket: Apple, or a third party password manager?