Apple Launches Open Source Project to Let Password Management Apps Create Strong Passwords

Apple today informed developers that it has launched a new open source project that's designed to let those who develop password management apps create strong passwords compatible with popular websites.

1passwordgenerate
The new Password Manager Resources open source project allows password management apps to integrate website-specific requirements used by the iCloud Keychain password manager to generate strong, unique passwords.

Many password managers generate strong, unique passwords for people, so that they aren't tempted to create their own passwords by hand, which leads to easily guessed and reused passwords. Every time a password manager generates a password that isn't actually compatible with a website, a person not only has a bad experience, but a reason to be tempted to create their own password. Compiling password rule quirks helps fewer people run into issues like these while also documenting that a service's password policy is too restrictive for people using password managers, which may incentivize the services to change.

The project also features a collection of websites known to share a sign-in system, links to website pages where users can change passwords, and more, with full details available on GitHub.

Apple says that having password managers collaborate on resources like password rules and change password URLs allows all password management apps to improve their quality with less work, plus it encourages websites to use standards or emerging standards to improve their compatibility with password managers.

Top Rated Comments

kop48 Avatar
26 weeks ago
Any reason why the article shows the password generator from 1Password without references? :)
Score: 21 Votes (Like | Disagree)
mnsportsgeek Avatar
26 weeks ago
The thing I’d really like to see is password generation in safari for 3rd party apps.

It’s a bit of a pain to create new accounts in 1Password with the proper url. You have to go back and forth between the app and 1Password a time or two. It’d be nice if it was more streamlined for 3rd party apps kind of like it is for keychain.
Score: 14 Votes (Like | Disagree)
TriBruin Avatar
26 weeks ago


there's still going to be (and are) plenty of websites that create their own stupid password rules that no password manager that generates strong passwords will be able to comply. People are still going to have to roll their own- kinda taking away the spark of this project. - But at least it's a step in the right direction.

From the way I read it, that is the goal of this project. Once enough password managers add this feature, it should not matter (from a password generation POV), what the requirements are. The password manager will know BEFORE it generates a password.

Take an example from one of the existing websites in the password-rules.json:

According to the JSON, bhphotovideo.com has a requirement of a password max length of 15 characters. Pretend you go to that website and attempt to create an account. You use the Password Generator in Safari (or any password manager), BEFORE the password generator attempts to create a complex password, it reads the JSON and finds the bhphotovideo.com URL. It then reads the requirements (Max length 15). It immediate creates a password that fits that requirement, regardless of what your defaults are. No action needed on your part to manually change the requirements (which may not be obvious on the webpage.)

The key is (a) the list of password requirements is kept up to date. Since this is published on GitHub, anyone can make a PULL request to update. I wonder what Apple's merge requirements are going to be.

(b) Password managers integrate this in to there workflow.
Score: 14 Votes (Like | Disagree)
NightFox Avatar
26 weeks ago


Any reason why the article shows the password generator from 1Password without references? :)

I'd guess that if they did reference it, people on here would be asking why they'd singled out 1Password to feature over other PWMs
Score: 13 Votes (Like | Disagree)
Stanfield Avatar
26 weeks ago


Sure. Give hackers the open source code to help people generate passwords. What can go wrong? :rolleyes:

Openness enables collaboration. Black boxes maintained by a single company aren't usually the best method for strong security. I want security that shows you exactly what its doing, has been vetted by a community of security experts, and dares the hackers to break it.
Score: 9 Votes (Like | Disagree)
bookofxero Avatar
26 weeks ago
It would be great if websites would have some consistency in their input validation and database schemas. I know one company that allows almost every special character but a comma - and the error message doesn't tell you which special character is the disallowed one. I used 1password and had to go through the generated password and remove each special character 1-by-1 to figure out which one was problematic.
"Hrm, octothorp? Nope. Modulus? Nope. Pipe? Nope. Asterisk? Nope. Greater than symbol? Nope. That just leaves the comma. What?! Seriously?"
It really is an awful experience and I can see why other users would resort to weak and/or reused passwords.
I've see other sites with very specific character length guidelines and other weird combinations. One site, which has since updated to something more secure, even once required 8-15 characters, letters and numbers only. If I were trying to brute force or guess a potentially weak password, wouldn't that make the dictionary size much smaller and thus easier to crack?
Score: 7 Votes (Like | Disagree)

Top Stories

apple briefcase

AppleCare Memo Hints at Potential Hardware Announcement Next Tuesday

Thursday December 3, 2020 9:12 am PST by
Following a busy fall season in which Apple hosted three events in as many months, the company may have one more product announcement in store this year. In an internal memo this week, obtained by MacRumors from a reliable source, Apple informed service providers that it has AppleCare-related changes planned for Tuesday, December 8 at approximately 5:30 a.m. Pacific Time. Specifically, Apple ...
apple top apps games 2020

Apple Shares Top 20 Most Downloaded Games and Apps of 2020

Tuesday December 1, 2020 9:38 pm PST by
Alongside picks for the top iPhone, iPad, and Mac apps and games of the year, Apple today shared charts featuring the Top Games of 2020 and the Top Apps of 2020, revealing the most popular free and paid apps and games during the year. Among Us! was the top free game of 2020, followed by Call of Duty: Mobile, Roblox, and Subway Surfers. Ink Inc. Tattoo Drawing was the number four free app,...
homepod mini amazon echo size

$99 Speaker Showdown: HomePod Mini vs. Amazon Echo and Google Nest Audio

Wednesday December 2, 2020 3:12 pm PST by
Apple recently released the HomePod mini, a new $99 version of the original HomePod that's smaller, cuter, and, most importantly, competitively priced. At $99, the HomePod mini can better compete with affordable smart speakers from companies like Google and Amazon. Subscribe to the MacRumors YouTube channel for more videos. The HomePod mini has been praised for its high-quality sound at its...
iphone8guide b

iOS 14.2 Quietly Added FaceTime 1080p Support to iPhone 8 and Later Models

Wednesday December 2, 2020 3:21 am PST by
Back in early November, Apple released iOS 14.2 and announced with it a slew of new features for iPhones, but one thing it didn't mention was the apparent addition of support for 1080p FaceTime calls on iPhone 8 and later devices. The little-known fact was discovered by MacMagazine, which found that Apple quietly updated the specs pages for devices like iPhone XR shortly after the release of ...
16 inch MBP Mini Led

Kuo: Two Redesigned MacBook Pros in 2021 and New MacBook Air in 2022, All With Apple Silicon and Mini-LED Displays

Wednesday December 2, 2020 5:46 am PST by
Apple plans to release two redesigned MacBook Pros in 2021 and a new MacBook Air in 2022, all with mini-LED displays and Apple Silicon chips, according to TFI Securities analyst Ming-Chi Kuo. In a research note to investors, seen by MacRumors, Kuo explained that two new MacBook Pro models equipped with an all-new form factor design are expected to launch in 2021, and a new "affordable"...
iOS 14

Apple Releases Third Betas of iOS 14.3 and iPadOS 14.3 to Developers [Update: Public Beta Available]

Wednesday December 2, 2020 10:04 am PST by
Apple today seeded the third betas of upcoming iOS 14.3 and iPadOS 14.3 updates to developers for testing purposes, two weeks after releasing the second betas and a month after the launch of iOS and iPadOS 14.2. iOS and iPadOS 14.3 can be downloaded through the Apple Developer Center or over the air after the proper developer profile has been installed. The iOS 14.3 update brings the...
best apps of 2020

Wakeout! Named Apple's Best App of 2020, While Zoom Earns the Title for Best iPad App

Tuesday December 1, 2020 9:26 pm PST by
Apple today shared its App Store Best of 2020 winners, highlighting its picks for the top iOS, iPadOS, and macOS apps and games released over the course of the year. Apple's iPhone App of the Year award went to Wakeout!, which is a family friendly exercise and movement app that encourages people to complete easy exercises while at home. Apple's iPad App of the Year was Zoom, which soared in...
wristcam design

$299 'Wristcam' Adds a Pair of Cameras to Your Apple Watch

Thursday December 3, 2020 9:32 am PST by
The Apple Watch has never included a camera, likely due to battery life and space concerns. A new Apple Watch product aims to address that lack by introducing a wrist-worn camera that works with the Apple Watch. The Apple-certified Wristcam attaches to the Apple Watch in the form of a band that adds a rather large camera set to the top of the Apple Watch. It's quite thick and bulky, but can...
iphone 12 5g

Multiple iPhone 12 Users Report Sudden Drops in 5G and LTE Cellular Coverage

Thursday December 3, 2020 1:18 am PST by
Since Apple launched the iPhone 12 in October, an increasing number of users of the new smartphone have been reporting persistent drops in cellular coverage. Multiple reports of dropped 5G and LTE connectivity have appeared on Reddit, on Apple's support forums, and on the MacRumors forums, with many people suffering issues when walking or in transit and some seeing the same problem when...
magsafe duo charger

MagSafe Duo Charger for iPhone 12 and Apple Watch Now Available for Purchase

Tuesday December 1, 2020 4:15 pm PST by
Apple today began selling the MagSafe Duo Charger that was announced alongside the new iPhone 12 models back in October. Priced at $129, the MagSafe Duo offers a MagSafe charging puck for the iPhone 12, 12 Pro, 12 Pro Max, and 12 mini, along with an Apple Watch charger. Though the accessory was announced in October and was listed as coming soon, it was not clear when it would launch. Orders...