Hands-On Apple 223: Level Up Your Passwords Security

Host: Micah Sargent
Date: March 19, 2026
Podcast: All TWiT.tv Shows (Audio)

Episode Overview

This episode of Hands-On Apple continues the series exploring Apple's built-in Passwords app. Micah Sargent dives deeper into advanced password management, focusing on setting up two-factor authentication (2FA), using passkeys, and leveraging Apple's security alerts within the Passwords app. The goal is to help listeners secure their online accounts using the latest tools, highlighting practical workflows and best practices.

Key Discussion Points & Insights

Recap & Series Context

The episode is a continuation of a series on Apple's Passwords app.
Listeners are encouraged to watch the previous episode for a rundown on the basics: setup, cleaning out old accounts, and foundational features.
"We are taking a look at Apple's built in Passwords app to help you understand how to use the Passwords app. What you need to know about it..." (01:32)

Two Factor Authentication (2FA/TOTP)

Detailed walk-through of setting up TOTP codes (time-based one-time passwords) in the Passwords app.
TOTP uses 6-digit codes changing every 30 seconds, typically set up via QR code.
Automatic integration: The app handles code generation and autofill on iOS and macOS.
Practical demo:
- Example setup for Amazon, using "Authenticator app" instead of SMS.
- On macOS: right-click the QR code on the website, choose "Set up verification code," match it to the right account, and the app auto-generates and stores the code.
- When logging in: Touch ID autofills username and password, then the OTP code, streamlining secure access.

"So setting up two factor codes, very easy to do. It will automatically fill those for you after you’re done." (07:24)

Importing 2FA from Other Apps:

Move your 2FA codes step-by-step, verify setup before deleting from old apps.

Security Note:

2FA provides a powerful second layer. If a password is compromised, unauthorized access is blocked without the TOTP code.

Passkeys: Passwordless Future

Definition: Passkeys replace passwords entirely, using cryptographic key pairs stored securely on devices.
Security benefit: Cannot be stolen or phished like passwords/SMS codes; immune to attacks like SIM jacking.
Setup demo:
- Amazon example revisited. In Login/Security, select "Passkey," authenticate via Touch ID. Passkey is stored in Apple's Passwords app.
- Signing in next time, simply authenticate with Touch ID—no password entry required.
Compatibility:
- Some sites allow passkeys as a full replacement; others use it as an additional factor.
- Ensure iCloud Keychain is enabled for syncing across all devices.

"You don’t have to remember a string of characters, there’s nothing to autofill. And instead your device and the website's server create what is called a key pair." (09:20)

Security Recommendations

Apple’s Passwords app highlights:
- Reused passwords — flagged to prevent same password across services.
- Weak passwords — flagged for ease of guess/cracking.
- Leaked passwords — flagged if exposed in data breaches (with password monitoring enabled).
Action workflow:
- Tap flagged password, “change password” directs you to the relevant site, generates a new strong password, and updates it automatically.
Prioritization advice:
- Start with compromised passwords in financial/email accounts.
- Then fix reused ones on critical accounts.
- Address weak passwords for low-stakes or seldom-used sites later.
Frequency Tip:
- Don’t aim to fix everything at once—avoid burnout.
- Check the security category monthly or at each app use, similar to monitoring a credit score.
Proactive alerts: The app notifies you automatically if a password is found in a new breach.

"I recommend not trying to fix everything in one sitting. It is... It takes a long time. You might get burned out. So prioritize. Compromised passwords are incredibly important..." (15:45)
"Check this security category, say once a month. Set yourself a reminder. Or perhaps it's every time you open this app. Think of it like checking your credit score." (16:50)

Notable Quotes & Memorable Tips

On workflow excitement:
"It’ll also give you that warm fuzzy feeling of knowing that you’re protecting your account." (17:34)
On passkeys:
"They are being touted as the future of logging in. We’ll see if that continues to be the case..." (17:58)

Practical Homework (Action Recap)

Set up at least one verification (2FA) code in the Passwords app for a regularly-used account, to experience autofill and the improved workflow.
Create a passkey on a site that supports it (e.g., Google).
Open the security category in the Passwords app and fix two to three flagged passwords, starting with the most important (finance and email).

What’s Next?

Teaser for the next episode:

Advanced features: including shared password groups, app limitations, and evaluating when to use third-party password managers.

"Next episode, we're covering some of the more advanced features within the passwords app, including shared password groups... and the big question, which is, is that password app enough or do you still need a third party password manager?" (17:59)

Host: Micah Sargent
Podcast: TWiT - Hands-On Apple
Episode Length: ~18 minutes (content spans ~01:15–18:00)

Hands-On Apple 223: Level Up Your Passwords Security

Host: Micah Sargent
Date: March 19, 2026
Podcast: All TWiT.tv Shows (Audio)

Episode Overview

Key Discussion Points & Insights

Recap & Series Context

The episode is a continuation of a series on Apple's Passwords app.
Listeners are encouraged to watch the previous episode for a rundown on the basics: setup, cleaning out old accounts, and foundational features.
"We are taking a look at Apple's built in Passwords app to help you understand how to use the Passwords app. What you need to know about it..." (01:32)

Two Factor Authentication (2FA/TOTP)

Detailed walk-through of setting up TOTP codes (time-based one-time passwords) in the Passwords app.
TOTP uses 6-digit codes changing every 30 seconds, typically set up via QR code.
Automatic integration: The app handles code generation and autofill on iOS and macOS.
Practical demo:
- Example setup for Amazon, using "Authenticator app" instead of SMS.
- On macOS: right-click the QR code on the website, choose "Set up verification code," match it to the right account, and the app auto-generates and stores the code.
- When logging in: Touch ID autofills username and password, then the OTP code, streamlining secure access.

"So setting up two factor codes, very easy to do. It will automatically fill those for you after you’re done." (07:24)

Importing 2FA from Other Apps:

Move your 2FA codes step-by-step, verify setup before deleting from old apps.

Security Note:

2FA provides a powerful second layer. If a password is compromised, unauthorized access is blocked without the TOTP code.

Passkeys: Passwordless Future

Definition: Passkeys replace passwords entirely, using cryptographic key pairs stored securely on devices.
Security benefit: Cannot be stolen or phished like passwords/SMS codes; immune to attacks like SIM jacking.
Setup demo:
- Amazon example revisited. In Login/Security, select "Passkey," authenticate via Touch ID. Passkey is stored in Apple's Passwords app.
- Signing in next time, simply authenticate with Touch ID—no password entry required.
Compatibility:
- Some sites allow passkeys as a full replacement; others use it as an additional factor.
- Ensure iCloud Keychain is enabled for syncing across all devices.

"You don’t have to remember a string of characters, there’s nothing to autofill. And instead your device and the website's server create what is called a key pair." (09:20)

Security Recommendations

Apple’s Passwords app highlights:
- Reused passwords — flagged to prevent same password across services.
- Weak passwords — flagged for ease of guess/cracking.
- Leaked passwords — flagged if exposed in data breaches (with password monitoring enabled).
Action workflow:
- Tap flagged password, “change password” directs you to the relevant site, generates a new strong password, and updates it automatically.
Prioritization advice:
- Start with compromised passwords in financial/email accounts.
- Then fix reused ones on critical accounts.
- Address weak passwords for low-stakes or seldom-used sites later.
Frequency Tip:
- Don’t aim to fix everything at once—avoid burnout.
- Check the security category monthly or at each app use, similar to monitoring a credit score.
Proactive alerts: The app notifies you automatically if a password is found in a new breach.

Notable Quotes & Memorable Tips

On workflow excitement:
"It’ll also give you that warm fuzzy feeling of knowing that you’re protecting your account." (17:34)
On passkeys:
"They are being touted as the future of logging in. We’ll see if that continues to be the case..." (17:58)

Practical Homework (Action Recap)

Set up at least one verification (2FA) code in the Passwords app for a regularly-used account, to experience autofill and the improved workflow.
Create a passkey on a site that supports it (e.g., Google).
Open the security category in the Passwords app and fix two to three flagged passwords, starting with the most important (finance and email).

What’s Next?

Teaser for the next episode:

Advanced features: including shared password groups, app limitations, and evaluating when to use third-party password managers.

Host: Micah Sargent
Podcast: TWiT - Hands-On Apple
Episode Length: ~18 minutes (content spans ~01:15–18:00)

wavePod

Hands-On Apple 223: Level Up Your Passwords Security

Summary

Hands-On Apple 223: Level Up Your Passwords Security

Host: Micah Sargent
Date: March 19, 2026
Podcast: All TWiT.tv Shows (Audio)

Episode Overview

Key Discussion Points & Insights

Recap & Series Context

Two Factor Authentication (2FA/TOTP)

Passkeys: Passwordless Future

Security Recommendations

Notable Quotes & Memorable Tips

Practical Homework (Action Recap)

What’s Next?

Summary

Hands-On Apple 223: Level Up Your Passwords Security

Host: Micah Sargent
Date: March 19, 2026
Podcast: All TWiT.tv Shows (Audio)

Episode Overview

Key Discussion Points & Insights

Recap & Series Context

Two Factor Authentication (2FA/TOTP)

Passkeys: Passwordless Future

Security Recommendations

Notable Quotes & Memorable Tips

Practical Homework (Action Recap)

What’s Next?

Hands-On Apple 223: Level Up Your Passwords Security

Summary

Hands-On Apple 223: Level Up Your Passwords Security

Host: Micah Sargent Date: March 19, 2026 Podcast: All TWiT.tv Shows (Audio)

Episode Overview

Key Discussion Points & Insights

Recap & Series Context

Two Factor Authentication (2FA/TOTP)

Passkeys: Passwordless Future

Security Recommendations

Notable Quotes & Memorable Tips

Practical Homework (Action Recap)

What’s Next?

Summary

Hands-On Apple 223: Level Up Your Passwords Security

Host: Micah Sargent Date: March 19, 2026 Podcast: All TWiT.tv Shows (Audio)

Episode Overview

Key Discussion Points & Insights

Recap & Series Context

Two Factor Authentication (2FA/TOTP)

Passkeys: Passwordless Future

Security Recommendations

Notable Quotes & Memorable Tips

Practical Homework (Action Recap)

What’s Next?

Host: Micah Sargent
Date: March 19, 2026
Podcast: All TWiT.tv Shows (Audio)

Host: Micah Sargent
Date: March 19, 2026
Podcast: All TWiT.tv Shows (Audio)