Proton
What to do if you get a 'compromised passwords' iPhone notification: Proton explains how to find and change your compromised passwords, and protect yourself against data leaks. image shows a phone screen with a notification saying 'Compromised password - The password for your account has appeared in a data leak, putting your acc...'

If you have an iPhone and you keep your passwords saved in the iCloud Keychain, Apple’s password manager, you may have gotten a ‘compromised passwords’ iPhone notification.  

This can be alarming, but there are proactive steps you can take to secure your data. In this article, we’ll explain what the notification means, how to change your compromised passwords, and what you can do to prevent more of your passwords appearing in a data leak.

What does a ‘compromised passwords’ iPhone notification mean?

How to change your compromised passwords on your iPhone

How was your password compromised?

How does Apple monitor for compromised passwords?

How to improve your password security

What does a ‘compromised passwords’ iPhone notification mean?

On your iPhone, the iCloud Keychain stores your usernames and passwords for websites you visit. Apple monitors lists of leaked and compromised passwords(new window), and if your password appears on one of these lists it notifies you. 

If your password is found on a list of leaked data, you’ll get a notification that says “This password has appeared in a data leak, which puts this account at high risk of compromise. You should change your password immediately.” 

It doesn’t mean that any of your accounts have already been hacked, or that your accounts have been affected by a data leak. It means your password has appeared in a data leak online, though not necessarily associated with your email address, username, or the website you use it for. On its own, the password can’t be used to get into any of your accounts. 

However, if you don’t change the password, someone could eventually connect it to the right website and log in to your account. It’s important to know you haven’t had any of your accounts hacked if you receive one of these notifications. You can change your passwords and strengthen your account security to prevent bad actors accessing your accounts – but you’ll need to act quickly to limit any damage.

How to change your compromised passwords on your iPhone

It’s easy to change any passwords which have been affected by an iPhone data leak: 

  1. Go to your Settings app. 
  2. Scroll down to Passwords or Password & Accounts (the option might be different based on which version of iOS your phone is using).
  3. Get access to your passwords by using your passcode, Face ID, or Touch ID.
  4. Your compromised passwords will appear at the top of the screen > Security Recommendations.
  5. Passwords which have appeared in data leaks will be listed under High Priority Recommendations with reused passwords appearing at the bottom of the page under Other Recommendations.
  6. To change a password, select the website you’d like to change your password for by clicking Change Password on Website.
  7. You’ll then be redirected to the website to change your password.

How was your password compromised?

Passwords are compromised when you’re not using a secure enough password. For example, if you’re using the password ‘password1234’, and this password appears on a list of leaked credentials, you and all the people using this password will be made vulnerable. Hackers will now be aware that this password is used frequently across the internet.

One large example of a data leak is the exposure of tens of millions of calls and text message records at AT&T(new window). The company announced that between May to the end of October in 2022, logs of customer data were stolen as a consequence of hackers gaining access to their networks via a third-party cloud platform. 

Some of the most common ways for data leaks to occur are:

  • Human error: Sending information to the wrong person or sharing usernames and passwords are easy ways to leak data. This can happen to personal or work accounts, and it’s fairly common. 
  • Lost or stolen devices: Laptops, phones, and hard drives all contain sensitive information, which can be accessed if they fall into the wrong hands.  
  • Hackers: Most people assume that hackers are behind most data leaks, and that they’ve attacked a website or network or stolen usernames and passwords. Hackers can use different methods including phishing, malware(new window), or guessing weak passwords. They may also use stolen passwords they purchase from dark web marketplaces

How does Apple monitor for compromised passwords?

If you’ve received a ‘compromised passwords’ iPhone notification, then your password has been included on one of Apple’s monitored leaked password lists. Hackers often use software to crack commonly used passwords like 1234 and QWERTY, so if you’ve used an easily guessable password then you’re more likely to end up on one of these lists. 

Apple’s monitoring tool is useful, and can be helpful for iPhone users. But while Apple’s password manager is end-to-end encrypted and relatively secure, the same can’t be said for the rest of the iCloud. As a company, Apple collects a lot of data from its customers

According to an investigation from Forbes Cybersecurity and privacy journalist Kate O’Flaherty, the cybersecurity of Apple’s own apps is subpar(new window). Your passwords are relatively safe, but your apps, photos, text messages, purchase history, and more are accessible to Apple whether you like it or not. 

Researchers at Finland’s Aalto University have studied eight apps available across Apple devices: Safari, Siri, Family Sharing, iMessage, FaceTime, Location Services, Find My Phone, and Touch ID. They found that users “can’t easily stop data sharing in any of the iPhone apps studied” and that “the user interface is designed to be confusing for Apple users”. 

Apple’s password manager may be technically fit for purpose, but the wider Apple ecosystem has access to and may use your personal data for unspecified reasons.

How to improve your password security

The two things you need to prevent getting this notification again are the right approach to creating passwords and the right tools to keep them safe.

Create varied and strong passwords

If you have a weak password, this makes it much easier for hackers to access your accounts if you’re affected by a data breach. A weak password is one that’s easily guessable, like your birthday or the name of your pet. Passwords without numbers and special characters are also less secure. 

It’s also important to vary your passwords between accounts. If you use the same password for multiple accounts, then it’s less work for hackers to access these accounts. Unique passwords for each online account will strengthen your online security. 
We recommend creating passwords of around 12 to 15 characters with a mix of capital and lowercase letters, numbers, and special characters. Don’t include any personal information like a name or a date. You can use the Proton password generator to help you create strong passwords.

Change your password manager

Apple’s built-in password manager is convenient, but you can choose a better option that doesn’t lock you into a single platform. We created Proton Pass to make it easy to protect and manage your whole identity on the internet, regardless of your tech experience. It’s end-to-end encrypted and safeguarded by Swiss privacy laws, some of the strongest in the world.

Proton Pass can help you create extra layers of security for your accounts with:

  • End-to-end encryption: Proton protects the content of your vault with end-to-end encryption, meaning no one can read it but you. Our software is open-source and audited by third party experts. 
  • Two factor authentication (2FA): 2FA is an excellent way to protect your online accounts. It means you can only access an account after giving two pieces of information to prove your identity — this can be a password and an authentication app which will generate a unique code for you to log into your account with. Proton Pass has integrated 2FA, which automatically displays and autofills your 2FA codes, making secure login faster and easier.
  • Unlimited hide-my-email aliases: When you fill out a form with your email address, you lose control over who has access to it. Aliases are randomly generated email addresses that forward emails into your inbox and protect your true email address from being leaked. 
  • Regular security checks: Pass Monitor measures your password health, lets you know where you could be using 2FA, and scans the dark web for personal information including your email addresses, name, Social Security number, and more. It’s available for Pass Plus users and it offers the highest level of account security protection and support.
  • Biometric login: To log into your iPhone, you might use Face ID or Touch ID. You can also use these login methods to access online accounts. Biometric logins are secure because they’re entirely unique to you and they’re not easily replicated. You can use biometric login for macOS, Windows, iOS, and Android with Proton Pass.
  • Passkeys: Passkeys replace the need for passwords and 2FA altogether. They create cryptographic keys, which are essentially long strings of data that can’t be guessed by hackers. Currently passkeys are only supported for some websites, but they can be a strong method for protecting your accounts. Proton Pass offers passkey support across all devices. 
  • Advanced account protection: Proton Sentinel is an AI-powered high security program also monitored by human cybersecurity agents. It’s available as part of Pass Monitor.

You don’t need to be an IT expert to store your passwords and use the internet safely. There are online safety tools available made for people with no experience in cybersecurity — and Proton offers an easy-to-use and secure solution in Proton Pass.

Protect your passwords
Create a free account

Related articles

How to whitelist an email address and keep important messages in your inbox
Find out what email whitelisting is, why it’s useful, how to whitelist email addresses on different platforms, and how Proton Mail can help.
The cover image for Proton blog about cyberthreats businesses will face in 2025, showing a webpage, a mask, and an error message hanging on a fishing hook
Thousands of businesses of all sizes were impacted by cybercrime in 2024. Here are the top cybersecurity threats we expect companies to face in 2025—and how Proton Pass can protect your business.
A graphic interpretation of a block of how many gigabytes in a terabyte
Learn how many GB are in a TB and discover the best way to securely store and share your files — no matter their size.
The cover image for a Proton blog, showing a phone screen with a lock logo and three password fields surrounding the phone
Here's what to look for when choosing an enterprise password manager to streamline collaboration and protect your organization's sensitive data.
  • Privacy guides
Learn how to unsend an email, how it’s useful for personal or business emails, and how Proton Mail can help.
Proton Mail and Proton Calendar winter product roadmap
  • Product updates
  • Proton Calendar
  • Proton Mail
Preview upcoming updates to Proton Mail and Proton Calendar, including performance boosts, new features, and enhanced privacy tools.