Overview
- Apple announced the feature at WWDC on Monday and shipped iOS 27 developer betas the same day, with a public beta next month and a full rollout scheduled for September 2026.
- The Passwords app and Safari use Apple Intelligence to sign in to eligible sites, generate new strong passwords, update credentials, and save them to the Passwords app after an initial user tap, showing progress as a Live Activity.
- Apple says most work runs on-device and that more complex requests use Private Cloud Compute so personal data is not stored or accessible to Apple, a design it describes as privacy-first.
- Security researchers warn agentic password automation creates new attack surfaces—examples include prompt injection, retrieval poisoning, and telemetry manipulation—and recommend policy checks, human approval steps, and audit visibility before broad deployment.
- The update shifts Passwords from a warning tool launched in 2024 to an active fixer, which could reduce the burden on users and change competitive dynamics with third-party managers like 1Password if the agent proves reliable.