I’m sure you’ve been hearing updates coming out of this week’s Apple Worldwide Developers Conference in San Jose. I’ve been here all week, and what I’ve been most excited about (but I’m biased) is how much attention passwords are getting. I thought it would be helpful to break down all the Apple password news and what it means not only for LastPass users but all iOS users.
iOS Password Manager API
The biggest news for us here at LastPass is that the newest iPhone OS – iOS 12 – will include a password manager API to automatically autofill passwords in apps and websites in Safari. This will make it much easier to use LastPass on your iPhone and iPad apps! Now, when you open an app – like your banking app for example – the keyboard itself will offer your username or password as an autofill option. Yes, you read that right, in the app! This feature, called QuickType, is similar to how autocorrect works now. We have been hoping that Apple would allow us to do this, so we can’t wait to start work on this soon.
It will also make it easier to autofill websites within the Safari browser on your phone using the same QuickType functionality mentioned above. If you want to use autofill in Safari today, you can by enabling the Safari extension in your LastPass app. But this new API will make it even easier to autofill.
This is a huge step forward for Apple, especially since Android Oreo already offers autofill support. Android’s autofill functionality is more robust because not only does it autofill your passwords, but it also captures and saves them as well. Meaning, when you enter a password into an app you will get a prompt to save it to LastPass, which makes it easier to create new accounts from your phone.
These are really exciting updates for iOS users and we’re eager to see if Apple continues to add similar functionality, like saving passwords, and autofilling forms like credit cards and addresses.
Siri and MFA Updates
Is there anything Siri doesn’t know? With iOS 12, she’ll know your passwords. The updated OS will allow you to ask Siri to bring up you to the passwords list in Settings. Also, you can say “Launch LastPass” to get to the LastPass app quickly.
Multi-factor authentication is getting a little easier with iOS 12’s ability detect incoming MFA codes and autofill them in the app for you. This will also work on macOS Mojave and in Safari as well. This will be a great alternative when push notifications are not available for a site or app.
In addition to this new API, Apple had more password news. The new macOS Mojave will include updates to Safari’s ability to create, autofill, and store passwords in the browser. It will also recognize reused passwords stored in Safari and Keychain, and encourage you to change them.
Apple’s recognition of the password reuse problem is exciting – seeing as the 2017 Verizon Data Breach Report found that 81% of breaches were caused by weak and reused passwords. Now of course this only works if you’re using Apple’s Keychain feature in Safari. We obviously encourage you to use an app dedicated to password management, like LastPass (check out our blog post on why your browser isn’t a good solution to password management), but we’re still glad that Apple is bringing awareness to the password reuse problem.
Overall, it was a big day for passwords in the Apple world and it’s only getting started. We’ll be sure to keep you updated as we work on developing our mobile iOS app to support the autofill functionality.
Akos Putz is the lead Product Manager for LastPass mobile platforms.