Detailed guide to creating and managing user passwords in TheCompanyApp.
What is UserPass?
UserPass is TheCompanyApp's company-level authentication system. It provides:
Secondary Authentication: Beyond iCloud sign-in
Multi-User Support: Multiple users in shared companies have their own credentials
Access Control: Combined with AccessControl for permission enforcement
Privacy: Credentials stored only in private iCloud database
Why Passwords Are Required
For Company Owners
Protect company data on your device
Authenticate when accessing sensitive operations
Enable access auditing (future feature)
For Team Members
Each team member maintains individual credentials
Credentials are not shared via CloudKit sharing
Each user creates their own UserPass locally
Creating UserPass: First Time
During Company Creation
After creating a new company, you're automatically prompted:
Screen: CreatePassWordCView.swift
Fields:
Username
Unique per company (not validated globally)
Used for login on all your devices
Cannot be changed after creation
Password
Minimum 6 characters (12+ recommended)
Not validated for complexity (use strong password)
Stored securely in private iCloud
Confirm Password
Must match Password field
Email Address
Used for future features (password recovery, notifications)
Profile Image
Tap camera icon to capture or select image
Used in team member displays
Automatically optimized for storage
Super User Flag
Automatically set to true for company owners
Grants elevated permissions
Cannot be modified by user
Create Button: Tap to save credentials.
What Happens Internally
When you tap "Create":
CloudKit Sync
UserPass syncs to Private Database only
Available on all your devices
Navigation
Returns to company list or dashboard
Company is now fully set up
Creating UserPass: Joining a Shared Company
When you accept a company share invitation, you must create your own credentials:
Accept Share (via share URL)
Company data syncs to your Shared Store
App detects missing UserPass for this company
Login Screen appears with "Create Account" option
Fill in UserPass form (same as above)
Credentials saved to your Private Store (not shared)
Shared company data is in Shared Store
Your UserPass is in Private Store
Other team members cannot see your credentials
Managing Existing UserPass
Viewing UserPass
To view your credentials for a company:
Settings tab → User Management
View current username (password is hidden)
Changing Password
Current Implementation: Password changes are not implemented in UI.
Workaround:
Create new one with updated password
Planned Enhancement: Password change flow with confirmation.
Changing Username
Current Limitation: Usernames cannot be changed after creation.
Reason: Username may be referenced in audit logs and access control.
Workaround: Create new company and migrate data.
Deleting UserPass
Warning: Deleting UserPass logs you out of that company.
To delete:
Settings → User Management
Effect:
You're logged out immediately
Re-access requires creating new UserPass
Company data remains intact (if shared)
UserPass Storage and Sync
Where UserPass Is Stored
Local:
Core Data: TheCompanyApp.sqlite (Private Store)
Encrypted by iOS FileVault (device encryption)
iCloud:
CloudKit Private Database
Zone: com.apple.coredata.cloudkit.zone
Not Stored:
❌ CloudKit Shared Database
Multi-Device Sync
Your UserPass credentials automatically sync to all your devices:
Example:
Create UserPass on iPhone
Company syncs to iPad via Private Database
UserPass syncs to iPad via Private Database
On iPad, you can log in with same credentials
Sync Time: Usually 1-5 seconds, up to 1 minute on slow networks.
What Others See
When you join a shared company:
Others see: Your display name, profile image (from AccessControl)
Others don't see: Your username, password, email (UserPass is private)
Security Considerations
Password Strength
Current Implementation: No enforcement.
Recommendations:
Mix of uppercase, lowercase, numbers, symbols
Password Storage
Current Implementation: Plain text in Core Data.
Security Layers:
iCloud encryption in transit (TLS)
iCloud encryption at rest
Biometric unlock (device level)
Planned Enhancement: Hash passwords using bcrypt or Argon2.
Password Recovery
Current Implementation: No password recovery.
If You Forget Password:
Cannot recover (no server to reset)
Must delete UserPass and create new one
No data loss (only re-authentication needed)
Planned Enhancement: Security questions or email recovery.
Login with UserPass
See Login Flow for detailed authentication process.
Summary:
Enter username and password
Credentials validated against stored UserPass
On success, access granted to company data
Common Questions
Do I need UserPass for each company?
Yes. Each company requires a separate UserPass for access control.
Can I use the same username for multiple companies?
Yes. Usernames are scoped to individual companies, not global.
Do invited team members share my password?
No. Each user creates their own unique credentials. Passwords are never shared.
What if I lose my password?
Currently, no recovery option. Delete UserPass and create new one. Consider using a password manager.
Can I see other team members' passwords?
No. UserPass is private to each user and never syncs to shared databases.
Is my password encrypted?
Device is encrypted by iOS. Password is plain text in Core Data (enhancement planned).
Can I import passwords from another source?
No bulk import available. Passwords must be created individually per company.
Technical Reference
UserPass (TheCompanyApp.xcdatamodel)
Configuration: Not in "Shared" configuration (private only).
Creating UserPass Programmatically
Fetching UserPass
Validating Credentials
Next: Login Flow
Related: Security Model, Credential Storage
Last updated