How to Fix a Compromised Password on Your iPhone

Sophia Taylor

By Sophia Taylor


Millions of people make themselves vulnerable every day by relying on insecure or re-used passwords. We are all prompted to create strong and unique passwords for each account we set up, be it email, online shopping accounts, or passwords for work accounts. However, so many of us will duplicate our passwords over multiple platforms, because who can reasonably remember tens, maybe hundreds of passwords at any one time?

Devising and remembering a complex password for every account and website can seem onerous. Yet using weak and simple passwords puts you at risk from data breaches, account takeovers, and other forms of cyberattack.

In iOS 15 Apple introduced a feature to tell iPhone users if any passwords saved to their device are weak or compromised.

With this feature, your iPhone will identify these for you automatically and an alert will show on your phone. Your iPhone can also securely monitor your passwords online and alert you if they appear in any known data leaks.

Think your iPhone is hacked?

If you’re concerned your iPhone has already been compromised with malware, perform a full scan using the award-winning Certo AntiSpy.

What to do if you have a compromised password on your iPhone

If you have received an alert to tell you that a compromised or weak password has been detected there are a few simple steps that you can take:

1. Open the Settings app and tap Passwords > Security Recommendations.

2. If an account has a weak or compromised password, a message explains the problem. Tap the account.

3. Tap Change Password, then change your password on the website or in the app.

If your iPhone warns you about a password for a website or app that’s no longer available, you can remove its account from your iPhone. Go to Settings > Passwords, then swipe left on the account.

Pro Tip: If the website or app allows you to “Sign in with Apple”, you can take advantage of the security and convenience of that feature. If you aren’t given this option when you change your password, many websites or apps allow the iPhone to automatically create a strong password and securely store this on your device, so you don’t have to remember it.

What is a weak or compromised password?

The criteria for a weak password on an iPhone is that it is easily guessed or used multiple times. This means that you should avoid things like ‘password123’ or anything containing easily discovered information like your children’s names and dates of birth.

A compromised password means that your password has been leaked online in a data breach. This means that hackers have gained access to your password and published it. This can be particularly harmful if you use the same password over multiple sites.

It might seem fairly innocuous if hackers could temporarily access say, a shopping site, but if you also use that password for more high-value or sensitive accounts then you could be vulnerable to attack. This means that not only should you use unique passwords, but if you have been duplicating passwords, and one site has been compromised, it is imperative that you change the password on all accounts.

Advice for life – how to keep passwords strong

If you want to avoid the pitfalls that come with a weak password you can do this by ensuring that you use a strong, unique password for all online accounts, and update these passwords regularly.

We recommend a password containing three words using numbers and symbols for maximum security. Keeping track of a lot of passwords can seem like an enormous task. If you have trouble remembering all of them, you may find a password manager useful. The built in iOS password manager is a great choice or other cross-platform solutions are also available, such as NordPass.

Final thoughts

There is often little you can do to prevent passwords being leaked or compromised, since it is out of your control if a company that holds your password gets hacked. You can, however, take swift action if your phone notifies you of a leak, and for peace of mind you can check your phone for any signs of stalkerware or hacking with Certo Antispy. This means that you can rest easy knowing that your phone is secure, even after a data leak.

Stop hackers for good

Combat spyware and other cyber threats with Certo AntiSpy, the world's leading anti-spyware tool for iPhones.

Cover Image by Freepik