What is “Sign in with Apple”, How to use it and how secure it is

At WWDC 2019, Apple introduced to attendees and viewers the new ‘Sign in with Apple’ feature rolling out across all devices. While the feature wasn’t necessarily groundbreaking or a selling point for buying a MacBook or iPhone, it’s since evolved into a much-regarded part of Apple’s device feature set.

Apple Pay came out 5 years earlier and is probably a closely related and comparable feature. Both Apple Pay and ‘Sign in with Apple’ are two ways that Apple is continuing to push for a simpler, more intuitive experience not only from a hardware and operating system perspective, but now even in mobile devices. third party applications.

What is ‘Sign in with Apple’?

In recent years, the web registration form has been simplified in various ways. One of the most popular ways to simplify the process is to use OAuth, an open protocol that enables secure authorization across web, mobile, and desktop applications.

You may have visited websites where you are given the option to sign up with an email address or by linking a popular service account such as Google or Facebook. In most cases this is OAuth in action.

OAuth login window

Apple’s ‘Sign in with Apple’ feature works very similarly to OAuth. If you’ve seen the Apple Pay button on any website or mobile app, Apple’s new sign-in button is very similar.

If your device is running iOS 13 or later, you’ll be able to use your device’s Apple login to create an account instantly and easily. The only requirement is that you have two-factor authentication enabled on your Apple ID.

‘Sign in with Apple’ has some very cool perks that you won’t find when using OAuth and similar services. One example is Apple’s ‘Hide My Email’ feature.

Sing with Apple.  on different Mac devices

With Hide My Email, Apple will generate a random email address on the domain privaterelay.appleid.com that will forward to your real iCloud mail account and use this during account registration. Given the percentage of websites being hacked, this is a great security buffer that can save your iCloud account from the possibility of being compromised.

Creating an account with Apple’s new sign-in feature will let you sign in using Face ID, Touch ID, or your device’s passcode. In a world trying to move beyond text-based passwords, this is a step in the right direction.

How to use ‘Sign in with Apple’

Apple’s new sign-in feature is still relatively nascent and only available on select apps in the App Store — Instacart and Bird are two examples. If you want to join Sign in with Apple, you can download one of those apps.

On the registration page for any supported app, you’ll see Sign in with Apple button, black and with the Apple logo on it.

Sign in with the Apple option on the login screen

Tapping this button brings up a prompt to show the current iCloud information on your device, allowing you to choose whether you want to sign up with your real iCloud email address or mask it with the Hide My Email feature .

Hide My Email preferences when signed in with Apple

The button to login will be Continue with Password or refer to the biometrics you use to protect your Apple ID – Face ID or Touch ID. Go ahead and verify the passcode, Face ID or Touch ID will create your account and allow you to sign in to it in the future on devices linked to your Apple ID.

How secure is ‘Sign in with Apple’?

Apple’s new sign-in service is one of the most secure methods of account creation to reach the mainstream web. It requires an Apple device with two-factor authentication enabled, and you’ll need to pass your phone’s standard security checks to access your account. There are very few other systems on the web where your credentials are associated with a physical device.

Additionally, while throwaway email services and email forwarders are nothing new, Apple’s integration of Hide My Email streamlines the process and opens up the possibility of email obfuscation for users who may even do not know or understand the existence of such a security measure.

Sign in with the Apple login window

Regarding user privacy, Apple promises the following on their official sign-in support page: “Sign in with Apple will not track or profile you when you use apps and websites favorites, and Apple only retains the information necessary to ensure that you can sign in and manage your account.”

Overall, Apple has raised the bar with its new sign-in service. OAuth has been a big time saver for years, but Sign in with Apple offers a lot more if you can find an app that supports it and you have an authentication-protected Apple ID two factors. This is a big step towards a password-free website.

If you have any questions or comments regarding Apple’s new sign-in service, be sure to drop us a comment below!

Leave a Reply

Your email address will not be published.