Open Radar

 
Summary:
As a developer with an app and a website, I'd like to make sure that my users' passwords are always up-to-date in iCloud Keychain, so that they can seamlessly log into both my app and my website. So I'd like to update my users' passwords in iCloud Keychain upon every successful login to my app.

However, I would rather not confuse them with an OS-created "Update Password" dialog box upon each login...especially if the password used for login came from iCloud keychain in the first place!

The only way for me to prevent that dialog from appearing when the password is unchanged is to *permanently* store the username and password for ALL successful logins in the Keychain. Then, upon new logins for accounts that have been used before, cross-check the new password with the one stored in the Keychain.

This seems like serious overkill for a problem easily solved by Apple.

Steps to Reproduce:
1. Set up an app with an Associated Domain and use `SecAddSharedWebCredential` after each successful login.
2. Log in to the app. The password is successfully stored with no user prompt.
3. Log out.
4. Log in again, with the same username and password.

Expected Results:
`SecAddSharedWebCredential` should silently do nothing and call its completion block with no error, since the password value is unchanged.

Actual Results:
`SecAddSharedWebCredential` pops a user dialog asking if the user wants to update their password. This behavior is very confusing because the password hasn't changed!

Version:
Xcode Version 6.0 (6A280e), iOS 8.0 beta 5 (12A4345d)

Notes:


Configuration:
iPhone 5s Verizon

Attachments: