Apple has unveiled a new security feature that will automatically change passwords that have been identified as compromised, marking a significant step forward in the company’s efforts to protect users from the consequences of data breaches and credential theft. The feature, which is integrated into Apple’s native password management infrastructure, is designed to remove the burden of manual password hygiene from users by proactively detecting when a saved password has appeared in a known data breach and initiating the replacement process without requiring the user to take action themselves. The development represents one of the most ambitious attempts by a major technology platform to automate a security task that has historically relied on users being both aware of and responsive to breach notifications.
The automatic password changing capability works by leveraging Apple’s existing breach detection mechanisms, which monitor saved credentials against databases of known compromised passwords, and then interfacing directly with supported websites and services to negotiate a password change on the user’s behalf. The feature is understood to utilise passkey and password autofill infrastructure already present within Apple’s ecosystem, allowing it to navigate the password reset flows of compatible websites automatically and generate a new strong password that is saved directly back into the user’s keychain. The seamless nature of the process is intended to ensure that users remain protected even if they are unaware that their credentials have been compromised or are unlikely to act promptly upon receiving a breach alert.