Understanding iOS Password Creation: Apple's Strategic Approach

How iOS Forms Your Passwords

When you log into a new service or website on an iPhone, iPad, or Mac, the operating system will promptly suggest a ready-made password that you can accept or reject. This password will be quite long; it will not contain any recognizable words; and it will contain special characters such as hyphens and numbers. All of this fulfills the requirements for passwords so that attackers cannot crack them easily by brute force.

Apple’s Secret Language

The passwords suggested by iOS and macOS actually follow a sophisticated system, reveals Ricki Mondello, a long-time Apple employee on the security team. The iPhone manufacturer introduced the system in 2018 with iOS 12, and there's even a WWDC video about it.

• Each suggested password consists of twenty characters, mostly letters, divided into three sections by hyphens.
• These sections are easier to memorize than one long, complex sequence.
• Apple's characters are structured to create syllables that can be easily recognized and pronounced.
• Only one capital letter is included to enhance typing accuracy.
• A single digit appears in predetermined locations to maintain predictability in password composition.

The Hidden Logic of Auto-Generated Passwords

To conclude, Apple's randomly generated passwords are not actually random at all but follow several fixed rules. This ensures a balance between strong passwords that cannot be guessed and reasonably good usability for manual entry on other platforms.