Apple’s WWDC 2026 keynote this year revolved almost entirely around Apple Intelligence, which came as no surprise to anyone who follows the company closely. The original 2024 version of the platform was barebones, and largely useless apart from a handful of features such as Visual Intelligence. Even subsequent updates failed to change much, to the point that company openly admitted problems, and is facing a lawsuit over its marketing.
The tech is undergoing a massive overhaul for this fall’s software updates, relying on Google Gemini as the basis — though not a real-time data source — for improvements to its underlying models. What I’ve seen looks promising so far, especially Siri AI, which should finally be able to handle the sort of complex commands that Gemini, ChatGPT, and Alexa+ have been able to answer for a while. In fact if I were to go over everything Apple showed off, we’d be here a long time.
Something that caught the eye of myself and others at Pocket-lint is an AI feature coming to the iOS 27 Passwords app. It could be a real boon for security, but it also feels like it’s setting a dangerous precedent.
Apple’s bold gamble on security and privacy
How much should you trust any business?
The gist, if you’re new to this info, is that iOS 27 is expanding on a feature that’s already present in the Passwords app, namely the ability to detect whether a login you’re using is weak or compromised. Weak means that it could easily be guessed or brute-forced. Compromised logins have already been exposed in security breaches — you’re taking a serious risk if you don’t update your password immediately.
To date, the most the app has been able to do is call this to your attention. It’s up to you to actually change anything. I’m not sure how many people are following through, but given the long history of people being lazy about passwords — myself included, sometimes — anything that alerts the public to these vulnerabilities tends to be a good thing.
Or so I thought until WWDC. Starting with iOS 27, Apple Intelligence will be able to change your password for you in a single tap. An AI agent will log into a website via Safari, and navigate through menus on it sown until it can create and save a new, stronger password that’s automatically updated on your iPhone as well.
For some people, this could be a great aid. Websites don’t necessarily make it easy to update your password, and even if they do, having to open Safari (or Chrome) can be enough friction to deter someone. If it works as advertised, this should be an utterly seamless experience, especially if you own other devices with the Passwords app like a Mac or iPad.
What may bother me and many of you the most is the idea of giving an AI agent free rein on a third-party website.
The first flag this raises is that you’re not getting any choice in the new password, at least in the press material that’s been shared so far. Given the normal criteria for a “strong” one, you’re liable to end up with a long string of letters and numbers that’s difficult if not impossible to remember. If you don’t want to rely exclusively on the Passwords app, you’re going to have to copy it elsewhere, which could actually increase security risks if you’re not using an equally secure locker.
In fact, an obvious goal here is to deepen the hooks of the Apple ecosystem. Most people aren’t going to want to do that copying if they can get away with Passwords, which also has a toehold in Windows by way of the iCloud app. The more you use this new feature, the more dependent you might become on Apple software and services, and the more tempted you might be to make every device in your home an Apple product — especially with the company’s other auto-syncing services. While my work laptop is a Windows PC, I have to admit that it’s very convenient to automatically find photos from my iPhone on my iPad and Apple TV 4K.
What may bother me and many of you the most is the idea of giving an AI agent free rein on a third-party website. It’s one thing when Gemini, for instance, gets permission to dip into my Gmail and YouTube accounts, since those are all under Google. Trusting that an Apple agent will always do the right thing on outside websites is asking a lot, assuming it’s even as capable as Apple claims.
The trust factor
The future is not the present
Admittedly, if there’s any of the tech megacorps I’d trust with this, it’s Apple. The company has made privacy a major tentpole for its products, to the extent that it’s what probably crippled the first incarnation of Apple Intelligence. Since its AI models weren’t able to scour all available data sources, it was hard for it to evolve at all, much less catch up to Google or OpenAI.
The company’s record isn’t immaculate, mind. The first thing that comes to mind is the existing version of Siri. Several years ago, it was revealed that if you opted into sharing analytics with Apple, anonymized recordings would be reviewed by contractors — but since Siri is often triggered accidentally, it was sometimes picking up very sensitive audio, even sexual encounters. Reviews are still being conducted today, although contractors are only getting transcripts. It’s Apple employees listening to audio.
I won’t necessarily begrudge anyone else for taking the leap, since a compromised password is a much more immediate threat.
That alone should give you some pause. While Apple may be a relatively ethical company at the moment, corporations change, especially under new leadership. There’s no telling how stringent it will be with the Passwords app down the line, as many businesses have softened their ethics in the name of growth and profit. Google infamously abandoned its “don’t be evil” policy, which seems like an extremely low bar to clear. Presumably it did this to avoid looking too hypocritical about things like US and Israeli military contracts.
I’m actually optimistic about Apple upholding standards in the foreseeable future, if not for idealistic reasons. Simply put, the company’s reputation is tied so closely to privacy measures that if its AI features turn into a disaster, it may lose an entire generation of iPhone, iPad, and Mac owners. It counts on those people for financial stability, and they might not come back given the range of Android and Windows products out there. A Galaxy S26 Ultra is a pretty solid alternative to the iPhone 17 Pro Max.
Time will tell, I suppose. To be careful, I’m going to steer clear of automatic password fixing in iOS 27. But I won’t necessarily begrudge anyone else for taking the leap, since a compromised password is a much more immediate threat than what incoming Apple executives might decide a few years from now.
- Brand
-
Apple
- SoC
-
A19 Pro
- Display
-
6.3-inch 1206 x 2622 pixel resolution Super Retina XDR OLED, 120Hz, HDR10, Dolby Vision, 1000 nits / 1600 nits peak brightness
- RAM
-
N/A
