Hacker News

dgxyz, yesterday at 11:05 PM

Oh that's not even the worst of the stupid shit.

When you have Apple managing your keychain, your passwords stored in that, your passkeys stored in that, them filling in your MFA info by reading your email and SMS on every device, supplying your primary email account and all your throwaway addresses, and possibly trying to tie you into their OAuth or whatever for a third party, you are fucked if something goes trivially wrong.


Replies

waterTanuki, today at 1:06 AM

Hi, I'm one of those people.

Welcome to being a human being, where you need dozens of different accounts and passwords and passkeys and authenticators to live in modern society.

Apple passwords just work. They integrate nicely with most websites where I can authenticate using biometrics instead of copy-pasting and leaving my credentials on my clipboard.

And let's be real here, no one else in the industry comes even close to Apple in the amount of investment, research, and maintenance of security platforms. I would not bet against Apple's security failing.

Everything is a tradeoff between convenience and security. I think Apple's password manager is the perfect middle ground. I let it generate different passwords for every site, store my passkeys, etc.

No one has the time to fully optimize their security footprint. No one. And if you do, you're either A) working in a sensitive area that requires it for your job or B) being targeted by state-level threat actors or C) lying. Anything beyond a password manager + 2FA is severe overkill for anyone else.