What is Apple's iCloud Keychain and how do I use it?
January 13, 2014
Apple’s iCloud Keychain feature is the company's attempt to make a basic level of password management available in its iOS 7 mobile OS. It’s a convenient feature that keeps your account names, passwords, and credit card numbers stored in iCloud. Here's a look at what it is and how to use it.
What is iCloud Keychain?
It’s a management feature in iOS 7 that keeps your account names, passwords, and even credit card numbers stored behind 256-bit AES encryption on Apple's iCloud servers. Then that data is synced between authorized iOS 7 devices and OS X Mavericks – the latest computer OS from Apple.
How to use iCloud Keychain
The first time you set up your device for iOS 7, you'll be asked if you want to enable iCloud Keychain. But if you skipped that step during setup, you can turn it on later. To enable or disable the feature go to Settings > iCloud > iCloud Keychain and there you can toggle it on or off.
The first time you turn iCloud Keychain on, you'll be prompted to sign in to iCloud with your Apple ID credentials. After that, you'll be prompted to create a passcode. You can either use the code you've set up to lock your device or create a different one. I recommend using something different for improved security. This way, if someone knows your device's lock screen code, it won't be as easy for them to get into your passwords and credit card info.
When you go to a site that requires you to log in, after entering your password, a message will come up asking if you want to save the information.
iCloud Keychain can generate passwords for you, too. Though the passwords it generates aren't particularly strong, it's definitely better than using the same password for all of your sites. To generate one, open Safari and go to the site you want to create a password for. Fill out everything else that's required, and when you get to the password field, you'll notice a "suggest password" option above the onscreen keyboard. Tap on it.
Not all sites are set up to work with iCloud Keychain, however. Sometimes you'll run into problems where the site doesn't support generating or saving passwords with iCloud Keychain yet.
If the above situation happens to you, there is a way to force sites to save to iCloud Keychain anyway. Go to Settings > Safari > Passwords & AutoFill, then turn on the Always Allow option.
Then go back to the website and you should have no problem saving a password you create or allow it to generate a suggested password.
If you ever want to delete a saved password, go to Settings > Safari > Passwords & AutoFill > Saved Passwords. There you'll see a list of sites that have saved passwords. Tap Edit, then select the site(s) you want to delete passwords for. Then enter the passcode you created, then verify the action. If you tap the website on this page, you'll be prompted to enter in your passcode, and then you can see the passwords for each of the sties.
For the credit card information, any time you type it in while making a purchase in Safari, iCloud Keychain will offer to remember it for you, just like passwords. But you can also enter this information in manually.
Go to Settings > Safari > Passwords & AutoFill > Saved Credit Cards. On the next screen tap Add Credit Card, then type in your credit card information. Do this for each card you want to add. If you need to make any changes to it, just tap the card you need, enter in your passcode, tap Edit, then make the appropriate changes or delete the card.
Is iCloud Keychain secure?
Though everything is easy and convenient, there are some caveats. For instance, iCloud Keychain doesn't have a separate master password option. That means, once you unlock your iPhone or iPad and hand it off to someone, they will have access to all of your passwords and credit cards.
Also, it doesn't generate super strong passwords. However it's a good starting point for users who want more security versus using the same password on every website. Plus all of your stored data in iCloud Keychain is protected by 256-bit AES encryption.
iCloud Keychain provides the convenience of storing your passwords and credit card details and syncing them between other authorized devices, but it is a "first time" effort from Apple. If you're hesitant and want an established password manager, you might want to look at other options, such as 1Password or LastPass.
If you're reluctant to have your credit card information stored and synced between devices in the cloud, you can use it for passwords only. It's not perfect, and in my tests, a lot of sites just didn't support it – even apple.com. For those sites to work, you'll need to force sites to accept the feature. It's a decent enough start, but I wouldn't recommend using it on important sites, such as online banking, PayPal...etc. At least not in this first iteration.