What level of access does a password manager app in iOS have?
can a password manager app access and read everything that's displayed on my screen?
Short answer, no.
A password manager app doesn't get free rein access to anything and everything displayed on the screen of your iOS device.
A very simplified explanation of how a password manager apps is as follows:
Any app that uses a login flow, where a users credentials are verified and authenticated via a remote web service declares its associated domains in the app metadata. iCloud Keychain or any 3rd party password manager apps remains unaware of the installed 3rd party app, and only jumps into action when a user taps on the credentials input field. Since the app has declares its associated domains, a password manager app can filter from its own list of entries and only presents the credentials matching the domain.
iOS also uses heuristics to determine the available login credential information when the user logs in or creates new passwords, and automatically provides the password entry bar over the system keyboard.
The way password autofill architecture is designed, a password manager neither gets to read any app data, nor does it gets to see what's happening on the screen.
You can learn more about password autofill by following the linked document on Apple Developer website:
- https://developer.apple.com/documentation/security/password_autofill
Password autofilling recommends credentials only for the app’s associated domain, and the user would need to authenticate using Face ID or Touch ID before accessing the credentials.