iCloud Keychain

Jump to How Tos Articles

'iCloud Keychain' How Tos

How to Use iCloud Keychain on Your iOS Devices

iCloud Keychain is a feature of your Apple account that you can use to keep your website login credentials, personal details, credit card details, and wireless network information up to date and available across all your Apple devices. With so many usernames and passwords to remember these days, iCloud Keychain provides a convenient way of always having this information at hand. And with its AutoFill feature, iCloud Keychain can even enter your credentials for you when required. It's also very secure, thanks to Apple's use of end-to-end encryption. This means that only you can access your information, and only on devices where you're signed in to iCloud. Keep reading to learn how to enable iCloud Keychain on your iOS devices. How to Enable iCloud Keychain on Your iPhone or iPad Open the Settings app and tap your Apple ID banner at the top of the Settings menu. Tap iCloud. Scroll down the list and select Keychain. Toggle on the iCloud Keychain switch and enter your Apple ID password if prompted. If this is the first time you've enabled iCloud Keychain, you'll be asked to create an iCloud Security Code or use your existing device passcode. You'll also need to enter a phone number where you can receive SMS messages for authorization purposes. If you've already enabled iCloud Keychain in the past, you'll be prompted to enter the passcode that was used to set it up previously. Accessing Your Login Details in iCloud Keychain With iCloud Keychain enabled, Apple's Autofill feature will fill in your login credentials for you whenever you come across the

'iCloud Keychain' Articles

iOS and OS X Security Flaws Enable Malicious Apps to Steal Passwords and Other Data

A team of six researchers from Indiana University, Georgia Tech and Peking University have published an in-depth report exposing a series of security vulnerabilities that enable sandboxed malicious apps, approved on the App Store, to gain unauthorized access to sensitive data stored in other apps, including iCloud passwords and authentication tokens, Google Chrome saved web passwords and more. The thirteen-page research paper "Unauthorized Cross-App Resource Access on Mac OS X and iOS" details that inter-app interaction services, ranging from the Keychain and WebSocket on OS X to the URL Scheme on OS X and iOS, can be exploited to steal confidential information and passwords, including those stored in popular password vaults such as 1Password by AgileBits."We completely cracked the keychain service - used to store passwords and other credentials for different Apple apps - and sandbox containers on OS X, and also identified new weaknesses within the inter-app communication mechanisms on OS X and iOS which can be used to steal confidential data from Evernote, Facebook and other high-profile apps."The different cross-app and communication mechanism vulnerabilities discovered on iOS and OS X, identified as XARA weaknesses, include Keychain password stealing, IPC interception, scheme hijacking and container cracking. The affected apps and services include iCloud, Gmail, Google Drive, Facebook, Twitter, Chrome, 1Password, Evernote, Pushbullet, Dropbox, Instagram, WhatsApp, Pinterest, Dashlane, AnyDo, Pocket and several others. Lead researcher Luyi Xing told The