Apple May Add Secure Password Suggestions to Safari with OS X Mountain Lion

1Password is a popular password service which offers apps and browser plug-ins for a number of platforms, including Mac, Windows, iOS and Android. The service automatically generates strong, unique passwords whenever a login is needed, keeping them in a keychain under a master password. Once authorized, 1Password can then automatically fill in user names and passwords when needed without the user having to know the often complex passwords created for maximum security.

But with Apple continuing to push out developer betas of OS X Mountain Lion and Safari 5.2, it is now becoming apparent that the company is looking to bake similar functionality directly into Safari.

safari 5 2 password pane
"Passwords" preference pane in Safari 5.2

One of the more visible changes in the Safari 5.2 developer builds has been a new "Passwords" pane in the application's preferences, offering a way for users to access stored user names and passwords for various sites and services. As currently deployed, the pane is essentially a more convenient way to view passwords already stored and accessible through the dedicated Keychain Access application.

safari 5 2 password suggest string
Text string addressing unique password suggestions in Safari 5.2

But text strings associated with the last several builds of Safari 5.2 point to more extensive password functionality for Safari, including an ability to suggest unique passwords rather than simply storing user-created ones. Specifically, one of those strings which is present in Safari 5.2 but not currently used in a public-facing context reads:

Safari can automatically suggest and remember unique, secure passwords for websites you choose.

With Mountain Lion's focus on taking greater advantage of iCloud services to keep data synced across devices, it seems reasonable to speculate that Apple has plans to roll this password functionality out to iCloud and iOS as well. The move would allow "unique, secure passwords" created on one device to be automatically available for use on another device without having to manually record or insecurely copy and paste password information for transfer.

Apple has already revealed its plans to use iCloud to integrate browser activity across devices, as evidenced by Safari tab syncing making its way into test builds. And interestingly, Apple previously offered keychain syncing across devices with .Mac and MobileMe, but discontinued the feature with the transition to iCloud. It now appears that the functionality was removed while Apple worked to revamp and expand it to increase its functionality.

icloud safari syncing lion mountain lion
iCloud's Safari syncing entry in System Preferences in Lion (left) and Mountain Lion (right)

Apple has also signaled its intention to broaden the browser syncing features of Safari with the iCloud preference pane in System Preferences under Mountain Lion. While the Safari section has been titled "Bookmarks" under Lion, with the addition of browser tab syncing and perhaps new user name and password syncing the section has now simply been retitled "Safari".

But while Apple certainly seems to have all of the pieces in place for higher security unique password generation and syncing across platforms via iCloud, the feature has not yet been introduced for testing in developer builds of OS X Mountain Lion. The feature has also not been seen in iOS builds, although the company has yet to begin developer testing on either iOS 6 or an interim iOS 5.2 update.

Popular Stories

iPhone 17 Pro Lower Logo Feature 1

iPhone 17 Pro Coming Soon With These 14 New Features

Monday June 30, 2025 1:08 pm PDT by
Apple's next-generation iPhone 17 Pro and iPhone 17 Pro Max are less than three months away, and there are plenty of rumors about the devices. Apple is expected to launch the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max in September this year. Below, we recap key changes rumored for the iPhone 17 Pro models:Aluminum frame: iPhone 17 Pro models are rumored to have an...
Apple Watch Ultra Night Mode Screen

Apple Watch Ultra 3 Launching Later This Year With Two Key Upgrades

Wednesday July 2, 2025 1:13 pm PDT by
The long wait for an Apple Watch Ultra 3 appears to be nearly over, and it is rumored to feature both satellite connectivity and 5G support. Apple Watch Ultra's existing Night Mode In his latest Power On newsletter, Bloomberg's Mark Gurman said that the Apple Watch Ultra 3 is on track to launch this year with "significant" new features, including satellite connectivity, which would let you...
iPhone 17 Pro Lower Logo Magsafe

iPhone 17 Pro's New MagSafe Design Revealed in Leaked Photo

Wednesday July 2, 2025 8:37 am PDT by
The upcoming iPhone 17 Pro and iPhone 17 Pro Max are rumored to have a slightly different MagSafe magnet layout compared to existing iPhone models, and a leaked photo has offered a closer look at the supposed new design. The leaker Majin Bu today shared a photo of alleged MagSafe magnet arrays for third-party iPhone 17 Pro cases. On existing iPhone models with MagSafe, the magnets form a...
Wi Fi WiFi General Feature

iOS 26 Adds a Useful New Wi-Fi Feature to Your iPhone

Wednesday July 2, 2025 6:36 am PDT by
iOS 26 and iPadOS 26 add a smaller yet useful Wi-Fi feature to iPhones and iPads. As spotted by Creative Strategies analyst Max Weinbach, sign-in details for captive Wi-Fi networks are now synced across iPhones and iPads running iOS 26 and iPadOS 26. For example, while Weinbach was staying at a Hilton hotel, his iPhone prompted him to fill in Wi-Fi details from his iPad that was already...
iPhone 17 Pro in Hand Feature Lowgo

iPhone 17 Pro Max Battery Capacity Leaked

Thursday July 3, 2025 5:40 am PDT by
The iPhone 17 Pro Max will feature the biggest ever battery in an iPhone, according to the Weibo leaker known as "Instant Digital." In a new post, the leaker listed the battery capacities of the iPhone 11 Pro Max through to the iPhone 16 Pro Max, and added that the iPhone 17 Pro Max will feature a battery capacity of 5,000mAh: iPhone 11 Pro Max: 3,969mAh iPhone 12 Pro Max: 3,687mAh...
iOS 18

Apple Releases Second iOS 18.6 Public Beta

Tuesday July 1, 2025 10:19 am PDT by
Apple today seeded the second betas of upcoming iOS 18.6 and iPadOS 18.6 updates to public beta testers, with the betas coming just a day after Apple provided the betas to developers. Apple has also released a second beta of macOS Sequoia 15.6. Testers who have signed up for beta updates through Apple's beta site can download iOS 18.6 and iPadOS 18.6 from the Settings app on a compatible...
maxresdefault

New MacBook With A18 Pro Chip Spotted in Apple Code

Monday June 30, 2025 8:05 am PDT by
Apple is developing a MacBook with the A18 Pro chip, according to findings in backend code uncovered by MacRumors. Subscribe to the MacRumors YouTube channel for more videos. Earlier today, Apple analyst Ming-Chi Kuo reported that Apple is planning to launch a low-cost MacBook powered by an iPhone chip. The machine is expected to feature a 13-inch display, the A18 Pro chip, and color options...
airpods pro 2

AirPods Pro 3 to Help Maintain Apple's Place in Earbud Market Amid Increasing Low-Cost Competition

Thursday July 3, 2025 7:25 am PDT by
Apple's position as the dominant force in the global true wireless stereo (TWS) earbud market is expected to continue through 2025, according to Counterpoint Research. The forecast outlines a 3% year-over-year increase in global TWS unit shipments for 2025, signaling a transition from rapid growth to a more mature phase for the category. While Apple is set to remain the leading brand by...

Top Rated Comments

Small White Car Avatar
172 months ago
I think I'm the only person in the world who tried and didn't like 1Password, so I'll be interested to see if Apple somehow does it differently.
Score: 9 Votes (Like | Disagree)
manu chao Avatar
172 months ago
I really am not liking the way Apple has "upgraded" the password thing for my apple account. It used to be just a password. Now if someone answers five questions about me that can probably easily be phished through casual conversation (what school did you go to?) they defeat my password.

My only alternative is to use false answers for those questions. Which means I need to keep track of my answers, which means I need something like 1password and if the password for that gets cracked, the keys to the kingdom are truly compromised.
.
You could use your existing password as answer to all questions. That way you are back to one password only.
Score: 5 Votes (Like | Disagree)
AdeFowler Avatar
172 months ago
As the Keychain App already has the ability to suggest and create secure passwords I guess this is a logical move. However, until they can be synced between devices, 1Password have nothing to fear.
Score: 4 Votes (Like | Disagree)
3282868 Avatar
172 months ago
And interestingly, Apple previously offered keychain syncing across devices with .Mac and MobileMe, but discontinued the feature with the transition to iCloud. It now appears that the functionality was removed while Apple worked to revamp and expand it to increase its functionality.
If this is true, I'd be ecstatic. I was disappointed when keychain syncing was removed, but if this was done to improve it, I'm game. Now if Apple works on Documents as a possible replacement for iDisk (using Dropbox now which is great), I'd be a happy camper with iCloud.
Score: 3 Votes (Like | Disagree)
DavidLeblond Avatar
172 months ago
I love 1password. I'll probably stick with them since they sync to my work Windows machine as well.
Score: 3 Votes (Like | Disagree)
leukotriene Avatar
172 months ago
That’s where they are now if you’re using DropBox. The encryption is good though.

I'm a 1password user and I use Dropbox for syncing, but here's a serious security risk:

Any app that you grant Dropbox permission to has access to your 1password database. A malicious app developer could, for example, put an app on the App Store that masquerades as a text editor that syncs with Dropbox. At a given time interval months from now (so as to evade App Store rejection), it uploads your 1password database to their server. At that point the developer can brute force the 1password database (could take days to years depending on your password strength) and have access I all your passwords. Even if 80% of 1password users use a strong enough password to make brute forcing a non-worthwhile endeavor, it's the unfortunate 20% who would get their password exposed by this sort of attack, and thus make this attack a profitable venture for a black hat. It's a very feasible scenario.

On the other hand, with Apple's hypothetical solution, it sounds like your master password would be sandboxed away from app developers whose apps access iCloud. My understanding of the iCloud APIs is that an app can only access data inside its own sandbox. Personally, if Apple comes up with a password syncing solution, I'll certainly switch.
Score: 2 Votes (Like | Disagree)