Proton
What to do if you get a 'compromised passwords' iPhone notification: Proton explains how to find and change your compromised passwords, and protect yourself against data leaks. image shows a phone screen with a notification saying 'Compromised password - The password for your account has appeared in a data leak, putting your acc...'

What to do if you get a ‘compromised passwords’ iPhone notification

If you have an iPhone and you keep your passwords saved in the iCloud Keychain, Apple’s password manager, you may have gotten a ‘compromised passwords’ iPhone notification.  

This can be alarming, but there are proactive steps you can take to secure your data. In this article, we’ll explain what the notification means, how to change your compromised passwords, and what you can do to prevent more of your passwords appearing in a data leak.

What does a ‘compromised passwords’ iPhone notification mean?

How to change your compromised passwords on your iPhone

How was your password compromised?

How does Apple monitor for compromised passwords?

How to improve your password security

What does a ‘compromised passwords’ iPhone notification mean?

On your iPhone, the iCloud Keychain stores your usernames and passwords for websites you visit. Apple monitors lists of leaked and compromised passwords(new window), and if your password appears on one of these lists it notifies you. 

If your password is found on a list of leaked data, you’ll get a notification that says “This password has appeared in a data leak, which puts this account at high risk of compromise. You should change your password immediately.” 

It doesn’t mean that any of your accounts have already been hacked, or that your accounts have been affected by a data leak. It means your password has appeared in a data leak online, though not necessarily associated with your email address, username, or the website you use it for. On its own, the password can’t be used to get into any of your accounts. 

However, if you don’t change the password, someone could eventually connect it to the right website and log in to your account. It’s important to know you haven’t had any of your accounts hacked if you receive one of these notifications. You can change your passwords and strengthen your account security to prevent bad actors accessing your accounts – but you’ll need to act quickly to limit any damage.

How to change your compromised passwords on your iPhone

It’s easy to change any passwords which have been affected by an iPhone data leak: 

  1. Go to your Settings app. 
  2. Scroll down to Passwords or Password & Accounts (the option might be different based on which version of iOS your phone is using).
  3. Get access to your passwords by using your passcode, Face ID, or Touch ID.
  4. Your compromised passwords will appear at the top of the screen > Security Recommendations.
  5. Passwords which have appeared in data leaks will be listed under High Priority Recommendations with reused passwords appearing at the bottom of the page under Other Recommendations.
  6. To change a password, select the website you’d like to change your password for by clicking Change Password on Website.
  7. You’ll then be redirected to the website to change your password.

How was your password compromised?

Passwords are compromised when you’re not using a secure enough password. For example, if you’re using the password ‘password1234’, and this password appears on a list of leaked credentials, you and all the people using this password will be made vulnerable. Hackers will now be aware that this password is used frequently across the internet.

One large example of a data leak is the exposure of tens of millions of calls and text message records at AT&T(new window). The company announced that between May to the end of October in 2022, logs of customer data were stolen as a consequence of hackers gaining access to their networks via a third-party cloud platform. 

Some of the most common ways for data leaks to occur are:

  • Human error: Sending information to the wrong person or sharing usernames and passwords are easy ways to leak data. This can happen to personal or work accounts, and it’s fairly common. 
  • Lost or stolen devices: Laptops, phones, and hard drives all contain sensitive information, which can be accessed if they fall into the wrong hands.  
  • Hackers: Most people assume that hackers are behind most data leaks, and that they’ve attacked a website or network or stolen usernames and passwords. Hackers can use different methods including phishing, malware(new window), or guessing weak passwords. They may also use stolen passwords they purchase from dark web marketplaces

How does Apple monitor for compromised passwords?

If you’ve received a ‘compromised passwords’ iPhone notification, then your password has been included on one of Apple’s monitored leaked password lists. Hackers often use software to crack commonly used passwords like 1234 and QWERTY, so if you’ve used an easily guessable password then you’re more likely to end up on one of these lists. 

Apple’s monitoring tool is useful, and can be helpful for iPhone users. But while Apple’s password manager is end-to-end encrypted and relatively secure, the same can’t be said for the rest of the iCloud. As a company, Apple collects a lot of data from its customers

According to an investigation from Forbes Cybersecurity and privacy journalist Kate O’Flaherty, the cybersecurity of Apple’s own apps is subpar(new window). Your passwords are relatively safe, but your apps, photos, text messages, purchase history, and more are accessible to Apple whether you like it or not. 

Researchers at Finland’s Aalto University have studied eight apps available across Apple devices: Safari, Siri, Family Sharing, iMessage, FaceTime, Location Services, Find My Phone, and Touch ID. They found that users “can’t easily stop data sharing in any of the iPhone apps studied” and that “the user interface is designed to be confusing for Apple users”. 

Apple’s password manager may be technically fit for purpose, but the wider Apple ecosystem has access to and may use your personal data for unspecified reasons.

How to improve your password security

The two things you need to prevent getting this notification again are the right approach to creating passwords and the right tools to keep them safe.

Create varied and strong passwords

If you have a weak password, this makes it much easier for hackers to access your accounts if you’re affected by a data breach. A weak password is one that’s easily guessable, like your birthday or the name of your pet. Passwords without numbers and special characters are also less secure. 

It’s also important to vary your passwords between accounts. If you use the same password for multiple accounts, then it’s less work for hackers to access these accounts. Unique passwords for each online account will strengthen your online security. 
We recommend creating passwords of around 12 to 15 characters with a mix of capital and lowercase letters, numbers, and special characters. Don’t include any personal information like a name or a date. You can use the Proton password generator to help you create strong passwords.

Change your password manager

Apple’s built-in password manager is convenient, but you can choose a better option that doesn’t lock you into a single platform. We created Proton Pass to make it easy to protect and manage your whole identity on the internet, regardless of your tech experience. It’s end-to-end encrypted and safeguarded by Swiss privacy laws, some of the strongest in the world.

Proton Pass can help you create extra layers of security for your accounts with:

  • End-to-end encryption: Proton protects the content of your vault with end-to-end encryption, meaning no one can read it but you. Our software is open-source and audited by third party experts. 
  • Two factor authentication (2FA): 2FA is an excellent way to protect your online accounts. It means you can only access an account after giving two pieces of information to prove your identity — this can be a password and an authentication app which will generate a unique code for you to log into your account with. Proton Pass has integrated 2FA, which automatically displays and autofills your 2FA codes, making secure login faster and easier.
  • Unlimited hide-my-email aliases: When you fill out a form with your email address, you lose control over who has access to it. Aliases are randomly generated email addresses that forward emails into your inbox and protect your true email address from being leaked. 
  • Regular security checks: Pass Monitor measures your password health, lets you know where you could be using 2FA, and scans the dark web for personal information including your email addresses, name, Social Security number, and more. It’s available for Pass Plus users and it offers the highest level of account security protection and support.
  • Biometric login: To log into your iPhone, you might use Face ID or Touch ID. You can also use these login methods to access online accounts. Biometric logins are secure because they’re entirely unique to you and they’re not easily replicated. You can use biometric login for macOS, Windows, iOS, and Android with Proton Pass.
  • Passkeys: Passkeys replace the need for passwords and 2FA altogether. They create cryptographic keys, which are essentially long strings of data that can’t be guessed by hackers. Currently passkeys are only supported for some websites, but they can be a strong method for protecting your accounts. Proton Pass offers passkey support across all devices. 
  • Advanced account protection: Proton Sentinel is an AI-powered high security program also monitored by human cybersecurity agents. It’s available as part of Pass Monitor.

You don’t need to be an IT expert to store your passwords and use the internet safely. There are online safety tools available made for people with no experience in cybersecurity — and Proton offers an easy-to-use and secure solution in Proton Pass.

Protect your passwords
Skapa ett gratis konto

Related articles

laptop showing Bitcoin price climbing
en
  • Privacy guides
Learn what a Bitcoin wallet does and the strengths and weaknesses of custodial, self-custodial, hardware, and paper wallets.
pixel tracking: here's how to tell which emails track your activity
en
Discover what pixel tracking is and how it works, how to spot emails that track you, and how to block these hidden trackers.
A cover image for a blog describing the next six months of Proton Pass development which shows a laptop screen with a Gantt chart
en
Take a look at the upcoming features and improvements coming to Proton Pass over the next several months.
The Danish mermaid and the Dutch parliament building behind a politician and an unlocked phone
en
We searched the dark web for Danish, Dutch, and Luxembourgish politicians’ official email addresses. In Denmark, over 40% had been exposed.
Infostealers: What they are, how they work, and how to protect yourself
en
Discover insights about what infostealers are, where your stolen information goes, and ways to protect yourself.
Mockup of the Proton Pass app and text that reads "Pass Lifetime: Pay once, access forever"
en
Learn more about our exclusive Pass + SimpleLogin Lifetime offer. Pay once and enjoy premium password manager features for life.