iOS 27 introduces the first AI agent for automatically replacing weak and leaked passwords

Apple is adding a new feature to its Passwords app that will be able to automatically update weak or compromised credentials with the help of Apple Intelligence and Safari.

The Passwords app already warns users when a password is too simple, reused across multiple sites, or potentially exposed in a data breach. Until now, however, every fix has had to be made manually. The user would visit each site, navigate to the settings section, change the password, and store the new version.

In iOS 27, that process is being significantly simplified. Apple Intelligence will be able to act on the user's behalf, opening the relevant site through Safari, logging in, locating the right settings section, and replacing an insecure password with a stronger one.

Apple describes this kind of system as agentic. In practice, it functions as an AI agent capable of completing a sequence of actions inside the browser and the Passwords app, with the user only needing to authorize the process before it begins.

When the automatic password replacement is running in the background, its status will be displayed as a Live Activity. This will allow the user to see what the system is doing at any given moment, without having to open the Passwords app itself.

The feature continues the evolution of Apple's built-in password manager. In its earlier form, the tool primarily stored logins, generated strong passwords, and warned users about potential risks. Apple now wants the system to go a step further, helping resolve issues automatically rather than simply flagging them.

The change is likely to be particularly useful for users who have accumulated dozens of old, weak, or compromised accounts inside Passwords. Instead of replacing each one manually, the system will be able to handle the bulk of the work on its own.

The new capability will arrive together with the Apple Intelligence updates in iOS 27.