$30 off During Our Annual Pro Sale. View Details »

Intro WWDC ’18 Session: Automatic Strong Passwords and Security Code AutoFill

Kishikawa Katsumi
June 22, 2018
Programming
1
1.7k

Intro WWDC ’18 Session: Automatic Strong Passwords and Security Code AutoFill

Intro WWDC ’18 Session:
Automatic Strong Passwords and Security Code AutoFill

Kishikawa Katsumi

June 22, 2018
Tweet

More Decks by Kishikawa Katsumi

See All by Kishikawa Katsumi
Mastering SwiftSyntax
kishikawakatsumi
3
3k
My SwiftData Review
kishikawakatsumi
7
1.1k
Swift Expression Macros: a practical introduction
kishikawakatsumi
3
1.4k
Xcode Cloudの評価
kishikawakatsumi
2
970
Regular expressions basics/正規表現の基本
kishikawakatsumi
6
550
家のいろいろな数値を計測する
kishikawakatsumi
4
1.8k
GitHub Actionsでテストの結果をわかりやすく表示する
kishikawakatsumi
1
570
GitHub Actionsでテストの結果をわかりやすく表示する
kishikawakatsumi
1
1.3k
Network ExtensionでiOSデバイス上で動くパケットキャプチャを作る
kishikawakatsumi
7
6.3k

Other Decks in Programming

See All in Programming
リーンスタートアップのリーンな品質の話
techouse
0
490
進化したWeb技術でPWAをネイティブアプリに近づける / frontend-conf-2023
yuhei_fujita
6
2.6k
Intro to Stateful Services or How to get 1 million RPS from a single node
antyadev
0
140
Bun がメジャーリリースされたけど、本当にBun はNode.js に取って代わるのか?をAWS Lambda で検証してみた
smt7174
1
2k
Angular 17 - Rainaissance
gregonnet
0
130
第42回ロボティクス勉強会:実環境を手軽にシミュレータ環境に持ってくるpointcloud2gazebo
atinfinity
0
920
The Secret Ingredient: How to Understand and Resolve Just about Any Flaky Test
aridlehoover
PRO
1
240
Microservices: what does good look like? (Nov 2023)
cer
PRO
0
460
Kaggle-Vesuvius-Challenge-Ink-Detection-2nd-Solution
mipypf
0
1k
「価値」あるものを作るためにエンジニアができること - NIFTY Tech Day 2023
niftycorp
0
130
From Spring Boot 2 to Spring Boot 3 with Java 21 and Jakarta EE
ivargrimstad
0
790
Gatlingによる負荷テスト入門
irof
6
560

Featured

See All Featured
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
4k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
13
5.9k
Producing Creativity
orderedlist
PRO
335
38k
Learning to Love Humans: Emotional Interface Design
aarron
265
39k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
0
2.7k
Web development in the modern age
philhawksworth
201
9.9k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
44
12k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
177
10k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
1
890
The MySQL Ecosystem @ GitHub 2015
samlambert
241
11k
10 Git Anti Patterns You Should be Aware of
lemiorhan
645
57k
Typedesign – Prime Four
hannesfritz
35
1.8k

Transcript

  1. Intro WWDC ’18 Session:
    Automatic Strong Passwords and
    Security Code AutoFill
    Kishikawa Katsumi

    View Slide

  2. Automatic Strong Passwords

    View Slide

  3. View Slide

  4. Security Code AutoFill

    View Slide

  5. View Slide

  6. Review: Password Autofill (iOS 11)

    View Slide

  7. Associated Domains

    View Slide

  8. View Slide

  9. View Slide

  10. if #available(iOS 11.0, *) {
    emailField.textContentType = .username
    passwordField.textContentType = .password
    }

    View Slide

  11. View Slide

  12. View Slide

  13. View Slide

  14. View Slide

  15. Try: Automatic Strong Passwords

    View Slide

  16. View Slide

  17. View Slide

  18. View Slide

  19. View Slide

  20. View Slide

  21. View Slide

  22. View Slide

  23. https://developer.apple.com/password-rules/

    View Slide

  24. View Slide

  25. View Slide

  26. ݱ࣌఺Ͱ͜ͷ߲໨͸ɺ·
    ͩଘࡏ͠ͳ͍Α͏Ͱ͢ɻ

    View Slide

  27. passwordField.passwordRules =
    UITextInputPasswordRules(descriptor:
    “allowed: digit; minlength: 1; maxlength: 4;")

    View Slide

  28. View Slide

  29. ύεϫʔυΛอଘ͢Δʹ͸
    Password Saving
    Compatibility checklist
    Tag fields with content types
    Remove login fields from view hierarchy
    Clear login fields only after removing from hierarchy
    Check that AutoFill saved to the correct domain
    May no longer need SecAddSharedWebCredential()

    View Slide

  30. ύεϫʔυΛอଘ͢Δʹ͸
    • ࣗಈͰอଘ͞ΕΔͱݴͬͯΔͬΆ͍Μ͚ͩͲɺ؍࡯ͨ͠
    ݶΓͰ͸ɺը໘ΛҠಈͯ͠΋ɺϏϡʔ͔ΒςΩετϑΟʔ
    ϧυΛ࡟আͯ͠΋อଘ͞ΕΔ༷ࢠ͸ͳ͔ͬͨɻΑ͘Θ͔Β
    ͳ͍ɻ

    View Slide

  31. Try: Security Code AutoFill

    View Slide

  32. View Slide

  33. View Slide

  34. View Slide

  35. View Slide

  36. NOTE: ؔ܎ͳ͍SMSʹ΋൓Ԡ͠·͢ɻ

    View Slide

  37. View Slide

  38. View Slide

  39. View Slide

  40. Failure cases

    View Slide

  41. Failure cases
    InstagramͷSMS͸
    ӳޠͷ΋ͷͩͱਖ਼͘͠ิ׬͞ΕΔ͕ɺ
    ೔ຊޠͷ΋ͷ͸ิ׬͞Εͳ͔ͬͨɻ
    ηογϣϯͰ΋ݴٴ͞Ε͍ͯΔ͕ɺ
    ͏·͘ಈ͔ͳ͍ύλʔϯ͕͋ͬͨΒ
    όάϨϙʔτ͠·͠ΐ͏ɻ
    ॻ͍ͨ௨Γɺ೚ҙͷSMSͰಈ࡞͢ΔͷͰ
    ύλʔϯͷݕূ͸ҙ֎ͱ؆୯Ͱ͢ɻ
    ͨͩ͠ɺσόΠεͷݴޠઃఆͳͲͰ
    ݁Ռ͕มΘͬͯΔΑ͏ʹ΋ݟ͑ΔͷͰɺ
    ͦͷลΓ͸ཁௐࠪɻ

    View Slide

  42. Summary
    • Web (Safari) Ͱ࢖ΘΕ͍ͯͨύεϫʔυͷࣗಈੜ੒ʢ& อଘʣ΍iCloud KeychainʹΑΔ
    ࣗಈิ׬ΛΞϓϦͰ΋࢖͑ΔΑ͏ʹ͢Δ࢓૊ΈʢiOS 11Ͱ΋෦෼తʹ࣮ݱͰ͖͍ͯͨʣ

    • Ϣʔβʔ͕σεΫτοϓͰSafariΛ࢖͍ͬͯͳͯ͘΋ɺiPhoneͰMobile SafariΛ࢖ͬͯ
    ͍ΔՄೳੑ͸ߴ͍ͷͰɺiPhoneͷWebͰ̍౓Ͱ΋ϩάΠϯ͍ͯ͠Ε͹ิ׬͸༗ޮʹͳΔ
    Մೳੑ͕ߴ͍

    • ରԠͷίετ͸খ͍͞ͷͰɺରԠ͓ͯ͘͠ͱ཭୤Λ๷͛Δ͸ͣ

    • ࣮ࡍͷڍಈ͸Α͘؍࡯ɾςετ͢Δඞཁ͋Γɻ͓͔͠ͳڍಈΛݟ͚ͭͨΒใࠂΛɻ

    • 2 Factor Authͷิ׬͸ศར͕ͩɺSMSʹΑΔίʔυૹ৴͸໰୊΋ࢦఠ͞Ε͍ͯΔͷͰɺ
    ϓϩδΣΫτʹΑͬͯݕ౼ͷ༨஍͕େ͍ʹ͋Δɻ

    • ΧελϜͨ͠ύεϫʔυϧʔϧͷςετͷखஈ͕ͳͦ͞͏ʁ

    View Slide

  43. Resources
    • [204] Automatic Strong Passwords and Security Code
    AutoFill

    • [721] Implementing AutoFill Credential Provider
    Extensions

    • Password Rules Validation Tool

    https://developer.apple.com/password-rules/

    View Slide