What Is ‘Sign in with Apple’ and Should I Use It?
With the release of Apple’s new iPhone operating system, iOS 13, Apple introduced a new way to sign up for accounts in apps and websites, called “Sign in with Apple.” This new alternative sign-in option supposedly protects your privacy more than similar options from Facebook, Google, and Twitter, but it ties you even deeper into the Apple ecosystem. We’ll break down how it works and highlight some of the potential issues.
Sign in with Apple makes creating new accounts faster and more private
Sign in with Apple is a “single sign on” (SSO) service intended to work in the same places where you’ve likely seen buttons to log in using your Facebook or Google account. Instead of creating a new account for an app or a website with your email address and a password, you instead sign in using your Apple ID.
It’s convenient to sign in with Facebook and Google, but when you do so, both those companies and the apps you sign into gobble up a ton of data about you. (That link is to The New York Times, Wirecutter’s parent company.) Every time you sign in with Facebook or Google, your personal information is shared so that companies can track you anywhere else you might use it. Considering how much personal information is stored on those sites, that can be a lot of data. At the very least, it includes your email address, profile photo, and name. If it’s a Facebook login, a site may ask for even more, including your birthday, page likes, photos, and friends list.
Apple claims that it shares as little information as possible, collecting just your username and email address, and that it does not track your activity in an app or website. When you sign in using the Apple button, you get an option to create a disposable email address so that you never share your real email address with the app or website. For example, in the guitar-lesson app Fretello, my username is Boots Cat and my email address is 23eruru878@privaterelay.appleid.com or the like. Any emails from the app get forwarded to the email address attached to my Apple ID if I want them, or I can turn forwarding off. I can also revoke access at any point, even if I’ve deleted the app from my phone. This feature is especially useful for apps you don’t care much about or you’re forced to use a single time.
Sign in with Apple is not necessarily more secure
Sign in with Apple offers clear privacy benefits by untangling your name and email from your new account, but its security improvements aren’t as straightforward. If you’re using a password manager (which you really should be), creating a new strong password for every account isn’t complicated. But if you’re not using one, and you’re instead using the same few passwords on every single site, Sign in with Apple is a much better option.
Trusting all of your login information to a single company doesn’t feel like the best idea, but it has upsides. Big corporations like Apple, Facebook, and Google have large teams dedicated to security, something smaller sites often don’t have. Take that new account I created above as an example: It’s less likely that someone will hack Apple than Fretello. But SSO is still susceptible to attacks—like back in 2018 when Facebook disclosed a breach of 90 million accounts—so it’s not perfect.
Ultimately, the main question is about trusting Apple with security instead of trusting whatever random app you’re signing up for an account with. Apple has had a rough year when it comes to security. On one hand, you’re required to use two-factor authentication with Sign in with Apple, which is good. On the other hand, Apple still offers only the less secure SMS method for two-factor verification for the initial Apple ID sign-in, and that’s your sole option if you own only one Apple device (in contrast, you can use a second Apple device as a second factor to verify yourself if you own say, both an iPad and an iPhone). It’s really time for Apple to offer hardware and app authentication for people who own just one Apple device.
If you prefer a DIY approach, you can roll your own set of disposable email addresses with services like Mailinator or Guerrilla Mail, but Apple’s process is so fluid and simple, it’s hard to imagine going through the trouble of doing it manually if you don't have to.
Sign in with Apple has some potential downsides
One of the biggest hurdles with Sign in with Apple is the fact that it’s not yet available in many places. I had to spend a few minutes just to hunt down a compatible app to test how it worked. Sign in with Apple doesn’t automatically appear alongside a Facebook or Google login; app developers and websites need to implement support for it.
Apple will require any app available in the App Store that supports Facebook and Google SSO to also support Apple’s button by April 2020, but I imagine that a lot of sites will wait as long as possible so they can continue slurping up visitors’ private data. Sign in with Apple is less useful if you’ve already created an account somewhere since there’s little chance you’ll want to create a new account if you’re already set up, and right now there’s no way to switch over an existing account.
The bigger issue is what happens when you untangle yourself from Apple’s ecosystem. Apple is not offering Sign in with Apple because it’s an altruistic organization—it wants to lock you into the Apple ecosystem. Although you will be able to use Sign in with Apple on the Web using your Apple ID, doing things that way replaces the frictionless experience of using Touch ID or Face ID on an Apple device with the same username and password experience you encounter everywhere else.
If you do decide to leave Apple at any point, signing in anywhere you’ve used Sign in with Apple is cumbersome. Let’s say I create an account for a Bird scooter on my iPhone using Sign in with Apple, and then I move over to Android. When I next attempt to sign in through Sign in with Apple, I get pushed over to a Web view, where I need to sign in using my Apple ID. It’s not the worst process, but it lacks the one-touch simplicity of using Sign in with Apple on an Apple device.
Should you use Sign in with Apple?
If you don’t use a password manager (you really should, though), using Apple’s option is a convenient approach that’s more secure and private than making up new login information on the spot. It’s easier to recommend if you don’t ever plan on leaving Apple’s ecosystem or if you just need a one-time-use account.
Personally I’ll lean on using it only for the types of apps and services I don’t really care about losing access to, such as for Bird scooters, where I could theoretically make a new account every time and it wouldn’t affect my experience. For anything I frequently access from a non-Apple device, I’ll stick to using a password manager.
Further reading
RIP, Passwords. Here’s What’s Coming Next.
by Thorin Klosowski
Usernames and passwords may soon be going away. Passkeys will replace them.
The Things That Matter From Apple’s 2018 WWDC Keynote
by Nick Guy
Apple kicked off its 2018 Worldwide Developers Conference today. Updates to iOS took center stage during the keynote, and we were introduced to macOS Mojave.
iOS 17 Is Out Now. Here Are the Best New Features.
by Max Eddy
Apple’s latest version of iOS is available to download. These are the features you should try first.
Oh The Ways This New iPhone Will Completely (and Not) Change Your Universe
by Brian Lam
Did you know today is the most important day of the year if you like new iPhones? Yes. You probably did because because people can't stop writing and reading about this sort of thing; articles guessing what the new iPhone is All About are literally as popular as stories about Osama Bin Laden's assassination and the Japanese Tsunami.
