In iOS 13 Public Beta 2 and Developer Beta 3 Face ID does not authorize before allowing access to a user’s iCloud Keychain containing their website and app passwords. This is a regression from iOS 12.
Steps to Reproduce
- Open the Settings app
- Tap ‘Passwords & Account’
- Cover the Face ID sensor
- Quickly and repeatedly tap ‘Website & App Passwords’
Expected:
The ‘Face Not Recognized’ dialog should appear.
Actual:
The user is shown the ‘Website & App Passwords’ screen without Face ID authenticating.
Note: Sometimes the ‘Face Not Recognized’ dialog appears when reproducing this but after canceling out of the dialog and trying again should make it work.
Check out my tweet for video proof: https://twitter.com/SteveMoser/status/1149067077640163334