macReports

Apple iOS Mac OS X Reports , Help and News

  • How to
  • News
  • Not working?
  • Tips and Tricks
  • Guides
You are here: Home / Guides / This Password has Appeared in a Data Leak: Security Recommendations on iPhone

This Password has Appeared in a Data Leak: Security Recommendations on iPhone

Last updated on October 24, 2020 By Stacey Butler 10 Comments

iCloud Keychain users might have seen this message about their passwords. If you have seen this, you may be a little (or more than a little) worried. What does this mean? Does someone have access to your accounts somewhere? Which ones and what should you do?

Password appeared in data breach

The message says: This password has appeared in a data breach, which puts this account at high risk of compromise. Likewise, you may also see a warning message saying “Compromised, reused password”.

See also: Keychain not working?

In this article, we will explain what it means to say that your password has appeared in a data leak, what you should do about it and how to prevent your passwords from being compromised in the future.

See also: Wi-Fi Weak Security Message on iPhone or iPad: WPA/WPA2 (TKIP) Not Considered Secure

Keychain Passwords and your Security Recommendations

When you use iCloud Keychain, your passwords are saved and updated across your devices: iPhone, iPad, and Mac. To find information about your saved passwords on your iPhone, go to Settings > Passwords. Here you can change some of your Keychain settings and edit or delete passwords from Keychain. If there are any Security Recommendations, you will see a warning here. Tap to learn more about the warnings and which passwords are involved.

See also: How To Manage Web Site Usernames & Passwords In Safari (iOS and macOS)

settings > passwords

There are a few different warning messages you may see regarding your passwords. If there is anything “high risk” about one or more of your passwords, the warning messages will appear near the top of the page under High Priority. The most concerning is the one from the title of this article: This password has appeared in a data leak, …

data leak message

Another message will tell you that you are reusing a password.

reused password message

You can also see other password security messages under Other Recommendations. Here the messages you might see are: Reused password or Easily guessed password.

From the Security Recommendations page, you can tap on the message to see more information about your login credentials for that website. You will see your User Name, Password and the last date your password was modified.

See also: Set Up a New iPhone: How to Transfer Data from your Old iPhone

What Should you Do?

For any of these password security issues, you should change your password. Your passwords should be unique (i.e. not reused), and should not be easy to guess.

See also: Forgot your iPad Passcode? How to Reset to Factory Settings

Reused Password

The main issue that comes with reusing a password is that if your password is gathered in a data breach that affected one of your accounts, that password could be used by hackers to access other accounts where you have reused that same password.

See also: How to Import Chrome or Firefox Passwords to iCloud Keychain on Mac

Password that has Appeared in a Data Leak

You definitely need to change the passwords that have appeared in a data leak. If you see this message, your user ID and password have been compromised. This means that someone can use this information to gain access to your account.

See also: Safari Says: Not Secure. What Does It Mean?

You may be wondering how Apple finds out about these data leaks and knows that your info was involved. There are databases of user ID / password combinations that have been stolen from businesses and websites.

You can check if your passwords have been compromised on haveibeenpwned.com. This site collects information about data breaches. You can see which companies/websites have had data breaches, check your own passwords and set up notifications about future compromises to your accounts.

See also: How To View Saved Wi-Fi Passwords On Your Mac

Password and Security Recommendations

One thing you can do to protect your account’s integrity is to use 2-factor authentication when available. For your passwords, they should be at least 12 characters long, unique, and not be made from real words. iCloud Keychain can generate strong, unique passwords for you.

See also: How to Share Files and Folders in iCloud Drive

For the passwords that show up in your iPhone’s Security Recommendations (Settings > Passwords > Security Recommendations), you can select Change Password on Website to change your password or tap on the account, then select Change Password on Website.

change password

Recent Articles:

  • iPhone Silencing your Calls? How to Fix iPhone not Ringing Problem
  • Split Screen on iPad: How to Open and Close Apps
  • How to Set Up Apple TV when Remote is Lost or not Responding

Filed Under: Guides Tagged With: iPhone, Passwords

Comments

  1. Cathy Anderson says

    February 28, 2021 at 4:00 pm

    I have been a long time loyal Apple consumer like all of you as Apple has claims of tight security and great support!
    Well we know now, Apple has gotten sloppy,lazy and slack on all fronts and tech support or support pages to find help is a joke and I find many of the higher rated spokesperson are rude to fellow Apple consumers trying to get answers to the issues they have ! Apple now is costly bloated technology that many of use did not mind spending the extra $$ cause Apple had our backs !!
    This Apple iPhone 11 Pro Max and Apple iPad Air 3 gen are the end of my Apple purchases.

    Reply
  2. Ky says

    February 28, 2021 at 4:43 am

    I’m changing my passwords regularly and it still shows within a week or two that my new passwords are in a data leak. Does this mean my phone is hacked? I dont see how else my new passwords are known, no duplicates used

    Reply
  3. Tamara says

    February 18, 2021 at 3:29 am

    Even the instagram 2-identifications code generator on my other phone was leaked by this phone. I’m thinking that apple got leaked because my passwords are different for some. Was thinking of switching phones anyways and now more than ever because iphones are no longer safe as previously implied.

    Reply
  4. Erving Z says

    January 3, 2021 at 3:15 pm

    Well, if you see a single notification about password in data leak – someone hacked your password for that particular website.
    If you see a few – you probably used same password for few of your websites.

    But if you see *ALL* you passwords in the data leak – it means the key manager itself was hacked. Thanks, Apple!

    Reply
    • Jeannie says

      February 3, 2021 at 2:28 pm

      If I just “delete password” on the list of problem passwords on my iPhone, what does that do? Does it solve any security issues? There are numerous data breaches and easily-guessed passwords in the list for websites I rarely visit so I don’t need a new password. I’m just not sure what hitting “Delete Password” on my phone is actually doing!

      Reply
    • Samo says

      February 21, 2021 at 3:05 am

      Why in the United Kingdom whenever an issue like this is raised there’s zero links nothing from apple. Supposedly most secure by looks of it because they don’t admit breaches in security!

      Reply
  5. Rebecca says

    December 2, 2020 at 1:04 am

    I have 228 Security Recommendations because of a data leak? Do I need to change all of them?

    Reply
    • Sharon says

      December 8, 2020 at 10:10 pm

      I have received the same message. Makes you wonder just who had the security breach. Apple? To answe your question, according to the above, yes we have to change each and every password ‘immediately’. There does not appear to be an easy way to do this. Someone please correct me if I’m wrong.

      Reply
      • Linda says

        December 11, 2020 at 4:40 pm

        I also have 100s of passwords that have been breached.
        I came here hoping for a work-around but I guess I’ll have devote many hours updating each password one-by-one.

        Reply
      • Vernon says

        December 11, 2020 at 4:59 pm

        If you use a password manager like LastPass, there are some websites that allow LastPass to update passwords automatically with a strong randomized password. Those programs also include a good password generator that you can specify the length and complexity.

        Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow us

  • Facebook
  • RSS
  • Twitter

Got a tip for us? Email us.

Latest Posts

Can’t Delete Apps from Apple Watch? How to Fix

How to Set Up Medical ID on your iPhone

How to Recover Deleted iCloud Files on iPhone, iPad, Mac, and iCloud.com

Can’t Transfer Photos or Videos from iPhone / iPad to Windows Computer? How to Fix

How to Share Audio with your Friend using AirPods or Beats

Pages

  • About macReports
  • Contact Us
  • Privacy Statement
  • Terms of Use

Tags

AirPods Apple Car Apple Card Apple Company Apple ID Apple Music Apple Pay Apple TV Apple Watch Apps App Store Backup Black Screen Bluetooth Catalina FaceTime iCloud iMessage iMessages iMovie iOS iOS 14 iPad iPhone iTunes Keyboard Mac Mac Battery MacBook macOS macOS Big Sur Mail Mail App Messages Notifications PDF Photos Safari screenshot Siri Spotlight Search Update Wi-Fi Windows YouTube

Search macReports

Categories:

  • Guides
  • How to
  • News
  • Not working?
  • Tips and Tricks

About macReports:

This website is founded by Serhat Kurt. He worked as a Senior Technology Director. He holds a doctoral degree (or doctorate) from the University of Illinois at Urbana / Champaign and a master’s degree from Purdue University.

Stacey Butler

Stacey Butler is a tech writer at macReports covering news, how-tos, and user guides. She is a longtime Mac and iPhone user and holds a Ph.D. from the University of Illinois at Champaign-Urbana.

 

This website is not affiliated with Apple.

Copyright © 2021 / macReports

This website uses cookies. By navigating around this site you consent to cookies being stored on your machine.Accept