I brought up a Start Page in Safari 15 and a banner at the top read “Compromised Password.” I first thought that I must have been redirected to a website that looks like the Safari Start Page. The alert looked just like the kind of phishing technique that would lure someone in to entering the password for a site they weren’t visiting.
But on closer examination and a little research, I realized it was legitimate. I’d never received this kind of alert from Apple in Safari, despite the feature first appearing in operating system releases in the third quarter of 2020. (That makes me lucky.)
Because any legitimate security alert will be duplicated and impersonated by phishers and scammers, you can validate that it’s genuine by visiting one of the following locations:
In iOS or iPadOS, go to Settings > Passwords.
In Safari, go to Safari > Preferences > Passwords.
In macOS 12 Monterey, use Safari or the Passwords preference pane.
In each of those locations, you’ll see an alert about the password in question. If you dismiss the alert in Safari, it won’t appear, however.
Tap or click Change Password on the website, and Apple opens a browser window (within Passwords in iOS/iPadOS) where you can log in and then change your password, and agree to store the new one when the operating system prompts you to update the stored entry. If the site includes a configuration file in a special location, Apple opens directly to a web page for that site where you can change your password without further navigation.
While fixing one password, you can review others. At the top of the Passwords list in iOS, iPadOS, and macOS, there’s a Security Recommendations heading (tap it in iOS/iPadOS). You can scroll through a list of potentially compromised passwords, as well as those that the password system has identified as weak or used by two or more sites. Change those to reduce the risk of having accounts hijacked.
And, while you’re at, sign up for notifications at Have I Been Pwned?, a website that emails you if email addresses you register with the site appear in a data breach—one that’s dumped in a public repository, or found by researchers. 1Password relies on this database, while Apple seems to consult it along with other sources.
Ask Mac 911
We’ve compiled a list of the questions we get asked most frequently, along with answers and links to columns: read our super FAQ to see if your question is covered. If not, we’re always looking for new problems to solve! Email yours to email@example.com, including screen captures as appropriate and whether you want your full name used. Not every question will be answered, we don’t reply to email, and we cannot provide direct troubleshooting advice.