New Apple iPhone app proves just how hard it is to kill the online password
Apple Intelligence was unveiled during Apple’s Worldwide Developers Conference in Cupertino, California, on June 10, 2024.
Source: Apple Inc.
For years, cybersecurity experts have been predicting the death of the online password as more advanced log-in features, from facial recognition to multi-factor authentication, become more common. But it seems like Apple has accepted that the password isn’t going away anytime soon. Its new Passwords app, introduced at Apple’s WWDC 2024 earlier this week, is one more solution to help protect online accounts and manage multiple logins. It doesn’t change the fact that putting all your logins in one place continues to come with risks.
“Passwords are really hard to kind of get rid of,” said Andras Cser, Forrester vice president, principal analyst.
The new Passwords app for iPhone, iPad, Vision Pro, Mac and Windows, lets users store all of their passwords, including verification codes, app passwords, Wi-Fi passwords, Passkeys and more. The offering is similar to other password managers on the market, including 1Password and LastPass.
“You can’t underestimate the power of having a default solution like this and having password security built in,” said Gadjo Sevilla, eMarketer senior analyst .”That’s probably going to entice the majority of of Apple customers to use the feature. It’s convenient. It’s there. It’s free.”
Passwords are a risky online security method
But that doesn’t change the basic concern about users relying on passwords as a default online security method.
“That’s the move: Obliterate the need for any password manager and just move to one-time passwords based on push notification-based authentication, biometrics or passkeys,” Cser said. “Moving away from passwords is probably the right message, not using free or upgraded password managers.”
Password hacking is on the rise, with IBM reporting a 71% increase in the number of attacks using valid passwords in 2023 compared to 2022. Apple, Google, and Microsoft have made moves to migrate more users to passkeys, which requires another device owned by the user to verify the login through face scans, fingerprints or other codes. This helps get rid of the biggest cybersecurity risk: people tend to have very poor password hygiene, including using the same password across accounts, which means if that password is stolen the hacker would have access to all of them.
Apple’s passkey system, Keychain, is only for products under its iOS operating system. This new Passwords app includes more systems compatibility, including Windows and different types of login verifications. The company did not say it will include any Google or Android passwords, which encompass a lot of accounts.
Password managers, like the Apple Password app, log different passwords, passcodes and logins securely under a safe account. And they do offer an added layer of protection: research from Security.org found those without password managers are three times more likely to be victims of identity theft. But whether free or paid versions of managers, none completely eliminates risk.
“They are a band-aid or wraparound,” Cser said. “Passwords are very vulnerable, and very much have run their course in protecting any kind of apps or resources and data. So then, it just puts all your eggs in one basket, regardless of who’s tool you pick, right?”
Apple did not respond to a request for comment by press time.
There are some concerns that if Apple holds all the digital keys to everyone’s password, then it could make people more vulnerable if the company is hacked. It’s not outside the realm of possibility: Apple’s iCloud was hacked back in 2014, leading to many leaks of private celebrity photos. LastPass was hacked in 2022, though customer data was not stolen.
“The one security issue ever is that anyone who gets your Apple ID and your password would get access to your iCloud Keychain or your Password app, because that is really the key authentication needed to safely access those stored passwords,” Sevilla said.
Apple, personal data, and privacy
Still, protecting large amounts of personal data is nothing new for Apple, and it has developed a relatively good track record of building its brand around privacy. It also has a hardline stance against sharing information with unauthorized third-party apps. Earlier changes starting with iOS 14.5 have asked users to opt into data sharing and blocked tracking applications, to the detriment of digital advertising companies reliant on that information for ad targeting like Facebook.
“Apple is a services company,” Sevilla said. “They have billions of credit card numbers. You can’t underestimate the amount of effort they will put into making sure that is locked down, and those are all tied into Apple IDs, Apple passwords. So I guess if you follow that example, they could probably be seen as far more secure than the standalone apps.”
Broader data sharing issues were raised at WWDC about Apple’s partnership with OpenAI, which it is using to allow Siri to access ChatGPT. Some, including Elon Musk, have raised concern that allowing OpenAI access to Apple user data could be a potential security violation. OpenAI uses user data and behavior to train its AI models.
While it may be highly unlikely, with users sharing their passwords with Apple, and Apple sharing data with OpenAI, cybersecurity experts say it presents at least the theoretical risk that OpenAI could use logins to look at personal data for its learning purposes.
Apple reiterated its commitment to data privacy at WWDC 24. Apple Intelligence, its entry into AI, will leverage cloud-based models on special servers using Apple Silicon to ensure that user data is private and secure. If a request needs to go to a cloud server, Apple says it will only send a limited selection of data in a “cryptographically” secure way.
“We’re not going to take that data and go send it to some cloud somewhere,” Apple senior vice president of Machine Learning and AI Strategy John Giannandrea said at the event. “Because we want everything to be very private, whether it’s running locally or on a cloud computing service, and that’s the way we want it so we can use your most personal data.”
Technology
Musk’s Starlink rival Eutelsat shares plummet 7% after report of SoftBank cutting its stake
French satellite group Eutelsat, often seen as Europe’s answer to Elon Musk’s Starlink, saw its share price plummet Wednesday following a report that Japanse investor SoftBank cut its stake in the company.
Shares in Eutelsat were last trading 7.8% lower as of 6:00 a.m. ET.
The moves come following a Reuters report that SoftBank has sold 36 million rights, corresponding to around 26 million shares and around half their stake in the satellite operator.
Eutelsat is the owner of the satellite internet provider OneWeb, which it merged with in 2023 in a bid to challenge Starlink’s dominance in the market.
But the French group has struggled to tap into the U.S. company’s market share. Eutelsat currently has more than 600 satellites in orbit compared to Starlink’s over 6,750, according to the companies’ websites.
After soaring more than 600% in early March this year, as Europe scrambled to bolster its tech sovereignty in the wake of the U.S. cutting military support to Ukraine, Eutelsat shares have since dropped more than 70%.
The company is seen as crucial to Europe’s tech sovereignty ambitions. In June the French state led a 1.35 billion euro ($1.57 billion) investment in Eutelsat, becoming its biggest shareholder with a roughly 30% stake.
Tech sovereignty
In November SoftBank said it had sold its entire stake in U.S. chipmaker Nvidia as it looked to free up funds for its investment in OpenAI and other projects.
SoftBank wouldn’t have made the move if it didn’t need to bankroll its next artificial intelligence investments, founder Masayoshi Son said on Monday at an event.
The Japanese giant’s Eutelsat move mirrors its “aggressive monetisation” across its portfolio, Luke Kehoe, analyst at Ookla, told CNBC.
“With governments and strategic European investors, not SoftBank, now funding the recapitalisation, Eutelsat is becoming less a growth story and more a pillar of Europe’s digital sovereignty infrastructure.”
While Starlink is holding on to its scale advantage and is dominant in retail broadband, Eutelsat is carving out a niche in government, aviation, backhaul and emergency connectivity, said Kehoe.
“The open question is whether that higher-value, B2B-centric positioning can deliver attractive returns once the current wave of capex and recapitalisations is behind it, and whether Europe is willing to keep writing cheques at the scale required to narrow the gap with Starlink.”
Eutelsat and SoftBank have been approached for comment.
-
Sports2 years agoStory injured on diving stop, exits Red Sox game
-
Sports3 years ago‘Storybook stuff’: Inside the night Bryce Harper sent the Phillies to the World Series
-
Sports2 years agoGame 1 of WS least-watched in recorded history
-
Sports3 years agoButton battles heat exhaustion in NASCAR debut
-
Sports3 years agoMLB Rank 2023: Ranking baseball’s top 100 players
-
Sports4 years ago
Team Europe easily wins 4th straight Laver Cup
-
Environment3 years agoJapan and South Korea have a lot at stake in a free and open South China Sea
-
Environment1 year agoHere are the best electric bikes you can buy at every price level in October 2024