Hacker News new | past | comments | ask | show | jobs | submit | page 2 login
Why we won’t be supporting Sign in with Apple (anylist.com)
1069 points by dirtae 6 days ago | hide | past | favorite | 465 comments

Worth noting that AnyList automatically subscribed me to a marketing list without double opt-in or any kind of consent, which is exactly the kind of behaviour that makes me not want apps to have my real email address.

They mention customer support so many times in that article, but it's a grocery list app! When is the last time I asked for support for the sticky note attached to my refrigerator? I don't doubt that there are indeed customers who need support from time to time, but surely it's a small minority.

These seem to just be contrived arguments to protect their customer data selling bottom line.

Yep, my feelings exactly after reading. All this whining happens only when your business is very dependent on specific information that gets taken from you.

Definitely picked up the same intentions from the post.

Seems out of place to complain about not having email addresses for "support" reasons.

If they truly cannot help users without asking for their email address, maybe they should not have users (login) then.


The blog post was long and winded. And it brought up some very desperate arguments, like the bug bounty offered to hackers when they report security vulnerabilities.

They want people's email addresses, period.

They say that no email breaks the sharing feature. True. But that's something that can be offered later when someone actually does share something with you. They say that the emails will go to the a seldom checked account. True. But users can change email addresses. They say it breaks support service for looking up accounts without email addresses. Again true. But what's another way of looking up accounts? Username. What is another? Apple ID.

They are email network harvesters. Plain and simple. And this is their business model.

And their whining about not getting email addresses is exactly why I would not want to give mine.

That's exactly what I'm thinking! Further I can't find the EULA of the app on the internet - maybe I'll find it later. But I could bet that they sell the data for marketing purposes. And I could also bet that they removed Facebook not because they don't want to use it but because they had to implement Sign in with Apple which would result in the Data being not so valuable because the standard option is to obfuscate the mail address.

Having any kind of subscription payment massively increases complexity and support requirements in your app.

The article says "When you provide us with your email address, it is never sold, shared, or used to invade your privacy." So, one of you is lying. I don't have the means to determine who, but I don't see what your motivation for lying would be, but can see what theirs may be.

And to extend that, if they are a spammy company, that would be exactly why they would be complaining about SIWAI.

It wasn't sold or shared, the emails came from them. But they were pure marketing, not transactional, and I certainly didn't agree to it or want it.

> automatically subscribed me to a marketing list

Side note, disabling 'load remote content' in email client stops all spam in a while, they think emails are not read.

Using Gmail at all seems to have the same effect as well since they pre-load and proxy almost all email content. Only when you use alternative mail clients might they see the images/remote content being loaded from a non-google IP.

This seems to be a common problem, made more visible when using third-party authentication, that your application has taken the concepts of "Account" and "Authentication Method" as if they were the same thing.

It appears that the "account ID", "preferred contact method+address" and "authentication ID" are all the same here - which then creates the "account management code into a rat’s nest" scenario they describe in the post.

If an Account is, by design, it's own entity - you should be able to have 100 different authentication methods linked to that same account without impacting any other flow or part of the application.

Turn on and off authentication methods would also allow for seamless transition for users, without worrying about when one method is about to be killed.

I feel like they address this in the article. What you say makes sense in a technical UML diagram point of view, but that's not how people work.

The examples they give are getting support and sharing things with another person with an account. As a user, both of those things are easier for me if there is an email associated with the account.

Said another way, the Account needs some human friendly global identifier. The email you use to log in is an obvious choice, and anything else would require extra work from the user to set up. You could have usernames, for example, but that complicates the signup process and still makes sharing things hard. I know my friends emails already, but I don't know what username they ended up with on this site.

I'd argue that this makes more sense in the real world than in a diagram, after being burnt in multiple real life experiences :)

The assumption both you and AnyList are making is that an email is "THE obvious choice". From a user experience perspective perhaps this "global sharing identifier" should be defined by them.

You'll notice that different generations have different online behaviors. For some, email is their main id. For others, it's their phone number (they don't know most of their friends' e-mail, but know their phone). For others, it's either online handles or nothing at all - think about the device set up for grandma with her daily To Do list.

Of course, having this approach would add some upfront dev work to them but allow them to navigate this much easier later on. And for anyone starting to develop their new app/site/product thinking about this early on can reduce a lot of future headaches.

That's a very idealistic opinion.

People don't care about usernames and other crap. They want an easy option - enter email, communicate over email and be found using email. This isn't their banking app or anything that important.

Nobody "wants to use their email". They just want to start using whatever app or service they're trying to connect to as quickly as possible - why exactly do you think "Sign in with X" became so popular in the first place?

+1 Any authentication method that I have enabled for my email should work -- there shouldn't be a need to remember which one is associated with a particular service...

With rare specialized exceptions, pretty much nobody needs all this complexity. Certainly not a simple app like AnyList. All this flexibility is not free, it comes at the cost of obviousness, as they described. It's not worth it much of the time.

The real problem is Apple shoving their proprietary, poorly designed services down everyone's throats.

No, I don't want to use icloud email, I already have an email address. No, I don't want to provide a "real" email address after I provided an obfuscated one. No it's not my fault that messages sent to the obfuscated one will go to some icloud inbox that I didn't create and I don't read. No, it's also not my fault that when I contact support I do it from my normal email address and not from the obfuscated one (how would I even do that). It's not the support's fault that they can't connect the two.

It's not the user's fault, and it's not the developer's fault. Apple is the sole designer of this mess. There is no excuse.

You can create an iCloud account with your own email address. That avoids getting another email address.

When using Apple login, Apple offers the choice of providing an anonymous email to the third party or your actual email. It's up to you. Its about user choice. More privacy or less. Apple wants you to have a choice. Use it or not.

Then why do most of my non-tech relatives have an @icloud.com address that they never needed and never read?

Blame the user all you want, but their "choice" was guided by Apple designed UI and Apple provided defaults. Whatever it is, it's producing optimal outcomes for Apple and no one else.

I have one too (which I've since swapped for an email I actually use). I'm not one hundred percent sure, but I think it was the only option for a while (inherited from MobileMe, perhaps), or at least it wasn't clear that you could/should add another email.

Either way, Apple could definitely do something with regards to make it easier/more obvious to replace it with a useful email address, especially now as it becomes a federated identity provider.

I can't answer that. However, if you go to appleid.apple.com to create a new AppleID, you must use an existing email address.

When I create a new user account on the mac, it asks the new user if they want to create an AppleID. The default is to use their existing email address. You must specifically select an option to get an iCloud account. If you purchase an Apple device, you again have the option of an iCloud account or using your existing email address for your AppleID. Apple is not using some deceptive UI to get you to create an iCloud email address.

However, I guess you still feel it is somehow evil that Apple does allow you to get a free email account where the provider does NOT read your email content and use it to target ads at you. Suboptimal for Apple from a pure profit perspective.

Whatever the UI is now, doesn't speak for what it used to be over the years. The cumulative effect matters.

There are tons of people with @icloud.com email addresses that they never use who will fall into the login / customer support traps described in the article.

But sure let's not even acknowledge those very real problems, deny Apple's role in this, and blame users. That will surely solve the issues.

I think you are missing the point and are perhaps letting this app vendor create an impression of a large problem based on anecdotal evidence. Perhaps they are just whining because they don't want to lose all that data. I have no idea that that is the case, but we can't rule it out.

Tons of people falling into these alleged traps? Really? What is that based on?

Apple is saying they want their platform to support personal privacy. If an app on their platform offers third party sign-ons that are known to abuse personal privacy, that app must offer Apple's solution that respects personal privacy. Despite it being an imperfect solution, I personally am thrilled that I have that option and I'm happy with Apple taking a stand on one of the most important issues today and going forward.

Some occasional customer support issues vs. providing customers with a real solution to significant privacy issues. From a user perspective the value of having such a choice is high.

Nobody is blaming users. Frankly, I think users are smarter than we typically assume. The support situation is really pretty trivial. If you save the onboarding email sent to the anonymized email address, you've got all you need to interact with an app customer support. People will quickly learn this and get on board if they want the privacy benefit. Its just not a big deal.

Apple's role is about increasing privacy and respecting their user's right to privacy. I fully acknowledge that. Does this create some hassle for app vendors? Yes, but I don't care about that in relation to the greater gain.

I don’t see any technical reason this couldn’t be done, but it would be more work for both the app developers and the user.

Time and value are not "technical", though they can be measured.

Technically you can build an app that's purely a AR sticky notes specifically on your fridge... but the value of that app is approximately 0.

I think the problem is that many apps, use the same form for login/signup. So a user thinks they're logging in, but they're actually creating a new account with a new authentication method...

In my experience the “Sign on with Apple“ option makes it totally risk free to click and I don’t even think twice before clicking to create an account whereas a typical registration page will definitely raise the possibility of me bouncing.

Sign-in With Apple is perfect for those accounts that you basically never wanted to have anyway. If it’s something where I want a “real” login, especially one that I might want to share, then I’ll go through the trouble of actually registering and picking a shared secret that my wife and I know.

But for the average app that needs a way to keep a user profile for me, it’s just right, and from a UI perspective on iPhone it really is magic. Two taps and I’m just in with zero mental baggage and an email relay to eliminate the possibility of spam.

> Another issue is Sign in with Apple’s “Hide My Email” feature. With this feature, if you create an account with us, Apple will generate a special email address just for that account. So rather than your email address being john.doe@icloud.com, we will see your email address as something like dpdcnf87nu@privaterelay.appleid.com.

Ironically, this is also why I use Sign Up with Apple at every opportunity I can

How is this ironic? It is by design and obviously they know why people do it because the very next sentence says that. Why on Earth would you'd want to use a list-sharing app that uses email as the addressing system and then not share your email.

The anonymous e-mail that Sign-In with Apple generates forwards to the e-mail used to set up your Apple ID. So it's not like it's a random e-mail that acts as a /dev/null.

This is by far the biggest selling point of Sign-In with Apple for me and I will continue to use it, and continue to not use apps that don't support it. I have plenty of e-mail aliases, but having an alias auto-generated for you is very convenient, and not having to generate a secure password is also very convenient.

The day AnyList gets hacked (not saying it will - but it's highly likely, the way security has taken a backseat due to "features") then at least my personal e-mail and password won't be there for every hacker on Earth to see and try to spam passwords to get into all of my other accounts.

Perhaps you don't use AnyList? It doesn't make sense to use with a private mail relay because they use email as an addressing system. And honestly, few users will go look up their per-app address and tell people to add them.

This is where their article lost credibility with me. Their decision to base their sharing and addressing system on email was their mistake, and Apple is just the first to force them to face their mistake.

I don't want to share my spam email with all my friends to get them to share with me. And I don't want to give my primary email to an app that will spam me.

If I want to share something, I'll send a link and the recipient can connect to me that way. I don't need to search them within the app to get in contact, that's useless.

> so when they enter your email address, our systems will believe that you don’t have an account. At that point, you’ll get an email from us asking you to create an account.

This is a trivial part of the problem to solve. Why am I being asked to create an account in an invite email? Why not "log in or create account" and having the link itself be the piece that connects the share to me.

It's not a mistake, by any means.

It's dead clear that you don't work with consumers. Your technical bias shows what you care about and you're(an me) are an utter minority.

If you want security, btw - you should have multiple passwords for different things. And ideally not even use a password manager.

Why should he not use a password manager?

You're storing all of your password in one location. Behind just one password.

What's the point in password manager, if all you need is one time auth - and you're in!

Ah, I wasn't aware that e-mail was used as an addressing system within AnyList. Do users not have any usernames associated with their e-mails?

Still, I think in this day and age, having a requirement in your product that says "e-mail that is provided should be the one the user uses the most" is pretty naive. In general, it's true, but when it comes to 3rd party authentication providers like Facebook, Google, and now Apple, this kind of requirement is not really useful and will likely cause issues for you down the line, which is why usernames are better for addressing people within apps (e.g, Instagram handles).

It is rather unusual, honestly. Even Venmo uses just an app-specific name. That's probably a lesson in product design: have your own usernames.

I'd personally for for the method used by Blizzard and Discord where a randomly generated ID is the actual unique value, while the username is just a display setting.

I get all the advantages of that but for some reason it's so hard when you get into a game and you're trying to get everyone there into a discord.

Riot does this with Valorant too and the implementation is a nightmare.

Small nit: Potential hackers would only have access to your email, provider id and whatever other details they pass along (preferred name, profile picture URL, etc.). Social login doesn't provide consumers (AnyList in this case) with your password.

Agreed, social login like Facebook et. al do not provide passwords to consumers, but e-mail is already contentious enough.

Most people use the same e-mail for every single account they have. A large majority of these users use the same password for all of their accounts. (Just want to clarify that I do neither of these things - I have a large set of e-mail aliases and have a unique & secure password for each account I have to set up manually).

If you'll grant me that fact, then all I need is your e-mail from a dump of AnyList's users table, and look up that e-mail in my already vast database of dumped tables, and see that your password was "hunter2". Now I have access to your bank account, because you used the same e-mail and password for that account as well.

This is a bit of a contrived example, but in general, any personal information that is leaked (e-mail included) is bad - full name, address, and the like, which many websites ask for, is even worse, because crackers have even a better shot at guessing a lot of your personal information, and at that point, the ball is in their park.

FYI: Getting a hold of someones' email isn't particularly hard.

So you say you are using your email as the unique identifier instead of the password?

If you use a unique password for every service, what would you need a unique email for?

> If you use a unique password for every service, what would you need a unique email for?

Because then you control when the flow of marketing or "Service" related email stops. And you can tell which vendor leaked your email either deliberately or by accident.

It's ironic because anylist cites that as a reason to stop supporting that very feature. That would only reduce my desire to Sign Up for that app.

As a reminder - us privacy aware technical people aren't remotely relevant anymore. So... You're not their target audience.

Apparently Apple makes privacy by default their PR strategy. So it's kinda relevant, at least in Apple garden.

The article also implies that if anyone can guess your email address, they can send you/share with you a list. I wonder what anti-spam measures AnyList implements?

Sign In With Apple would require that AnyList enable SPF protections on any outbound domain registered with Apple for SIWP use:

To send emails to users with private email addresses, you must register your outbound emails or email domains and use Sender Policy Framework (SPF) to authenticate your outbound emails.

I assume they rely on the fact that sharing a random list with a random person a thousand times is pointless.

What if the list contains/is itself advertising, and the random person is everyone on a huge list of active email accounts?

Why would you go through the trouble of sharing a list when you can just email them directly?

If they really needed a user ID, just have account holders create a username after the Apple sign-in flow. Most people have a go-to username, and those are easy enough to remember and give to a support associate.

We've implemented a bunch of third-party login solutions on our platform, but in retrospect I think it was not worth it for us. I think integrating third-party logins makes sense if you know that most of your target users come from a given platform or your application wants to interact with a specific platform (e.g. a Github integration).

Otherwise the points the author makes seem painfully correct from our experience. Adding third-party sign-in immediately complicates the frontend as you need to support OAuth/OpenID-Connect workflows that are much more complicated than sending a password & e-mail combination (and possibly an OTP token) to a backend and reading the result. In addition, even though OAuth/OpenID-Connect are standardized it seems that almost every provider has decided to add its own quirks to it, so you can almost never just reuse the same code for integrating e.g. Github and Gitlab sign-ins.

What we currently do is to always add an e-mail using the third-party provider and use that to allow a password reset or password creation. You have to be quite careful with this as well though unless you want to open new security isues. Incorrectly implemented sign-in workflows via third-party providers can open avenues for account takeovers if you implement e-mail validation or account reconciliation incorrectly (e.g. an adversary might register an account with the victim's e-mail on a third-party platform and try to use that to sign into the victim's account; if the sign-in flow is configured incorrectly [happens a lot] the system will recognize the e-mail and sign the attacker into the victim's account).

Also, don't trust any validated information from third-party providers (especially e-mail addresses), as this can provide another attack vector. Always do your own validation.

> One problem is that most Apple IDs are tied to an iCloud email address. So most accounts created via Sign in with Apple will use an iCloud email address. But many of those iCloud email addresses are unused and unchecked, because a customer’s “real” email account is their Gmail, Yahoo, or Hotmail account.

Wow, this is a really good point. I just checked and yup -- my AppleID is directly linked to my icloud email, and I've never once checked my icloud email account. I wonder what's in there. Meh, too lazy to go check it

This seems strange to me. My iCloud account is my Gmail address (even though I also have an iCloud one on the account) and when I use Sign in with Apple I get an option to redirect all emails to Gmail.

But the system is indeed weird, I signed up for an account in an app with bike routes and wanted later to check it in the browser and had no idea what or how to find out what my account is or how should I sign in (could be also the app/website didn't implement this properly).

Things may differ from person to person depending on when they created their Apple account(s).

At first, before they had cloud services, you created an Apple account to purchase things from the iTunes store. You could use any email address.

Then they created MobileMe (which was rebranded to .Mac), and that came with an email address @mac.com. (I believe there were a couple of other domains you could choose instead, but don't remember what they were).

That was eventually discontinued, replaced with iCloud, and .Mac accounts were migrated.

Somewhere in all there Apple loosened requirements so that you could use an outside email address as your cloud ID, and made it so a cloud account could could also work as an iTunes account.

For those who created their accounts after that point, it's all sane. Create your Apple account using your outside email address if you want, or using an Apple provided address if you prefer, and then that one account can be used for all your Apple stuff. Buying music, buying or renting video, buying apps, and the cloud stuff.

For those of us who created our accounts before all that, we ended up with an account using our outside address which has our music, video, and app purchases on it, and an account using our @mac.com address that has calendars, photos, and the like.

When they changed it so all Apple accounts could be used for everything, it got even more annoying for us. Whenever we'd see some dialog asking us to sign in to our Apple account, we'd have to guess if it wanted our music/video/app account or our cloud account. If we guessed wrong, we could end up accidentally purchasing apps or media on the cloud account.

Apple does not provide any way to transfer purchases between your accounts, so if you end up with media or app purchases on both accounts there is no way to consolidate other than purchasing duplicates.

If you are willing to do that, or if you have avoided duplicate purchases, you can kind of manually consolidate accounts. You can export calendars, contacts, and the like from your original cloud account, and import them into your original iTunes account. Same for photos, online disk space, and anything else you have on the original cloud account.

Once you've got it all in the original iTunes account, delete everything from the original cloud account, and then just make sure to never again sign into that account. Any time you see the Apple account login dialog, give the original iTunes account.

Even if you have alternate email addresses associated with your iCloud account, you are free to update it to have your external email address be the default for your iCloud/Apple ID.

Visit https://appleid.apple.com/account/manage to make those changes.

Help article: https://support.apple.com/en-us/HT202667

Although I will note that it says you can't change your Apple ID email address if you choose an @me.com, @mac.com, or @icloud.com email address for your Apple ID, which is the first time I've seen that warning.

... I'm not sure I understand this scenario?

So you have an AppleID, which is a full iCloud account (i.e. not just an AppleID using a Gmail address.. So you login to iCloud on some device, and then specifically go untick the "Mail" option in iCloud preferences? Really?

My Apple ID was initially tied to my gmail address, and then at some point Apple forced me to change it, so I use my yahoo address. I never check that address, since I only use it for my Apple ID.

That has never been an issue.

Another issue with Sign in with Apple is the fact that their private relay has a pre-set allow-list per app for sending email to relay addresses.

This means that you must either prove ownership of domains, or pre-add email addresses to Apple's systems. I understand why they have done this, it will reduce spam considerably, but the private relay system is already designed to empower users to do this and this extra step may be impossible for some developers.

Take for example a retailer – they need to dispatch goods and use different carriers in different countries. When the user buys something they very likely want email notifications about delivery, a feature that most carriers provide. For the carriers to send those notification emails you'll need to pre-add them all to Apple's systems. You can't prove domain ownership because fedex.com isn't your domain, but where are those emails going to come from? Better hope your carrier doesn't change sending address at some point or the email goes into a black hole.

Apple also limits the number of domains and addresses you can send from. In the original documentation it was "10 domains and addresses" (not sure if 10 of each, or 10 total). This was raised to 100 I believe, but that's still probably an issue for larger multi-national companies, or those who necessarily have to integrate with many external services.

The really hard-line privacy stance is that the retailer shouldn't share the emails and should do the notifications themselves, but for many this is prohibitively difficult to do, or at least detracts from places where the retailer can actually add value. The benefits are also very small, as the contracts with carriers typically protect user data, require deletion quickly after delivery, and retain most privacy benefits while allowing for a good UX.

That's a good point, but I'd be surprised if Apple doesn't have (or is building) a mechanism to allow certain well-known domains to be trusted sender, in the circumstances you note. Like, have "enter your custom domain", but also "checkboxes for fedex.com, etc".

That was an interesting read. Also, they close with...

"These are both excellent points, and it’s absolutely true that some of the arguments above apply to creating an account via Facebook. That’s why we’re also announcing that we’ll be removing the Facebook Login from AnyList."

Well, that, and also if they don't remove FB login, then the would be required to also implement Sign in with Apple.

They didn't want to implement Sign in with Apple, so they had to remove FB login.

Which is a pretty anti-competitive move on Apple's part.

They're essentially using their control of the iOS ecosystem to benefit unrelated products.

I seem to remember that those kinds of actions didn't work out well for Microsoft :)

Apple takes many anti-competitive and consumer-hostile actions. They can freely get away with it, though, as they aren't a monopoly.

Also, they will argue that they are doing it for privacy and security reasons which are benefits to users.

But I don't know how much a judge would care about that.

How is this user hostile - forcing app developers to give users a choice that doesn’t give the app developer your real email?

I said "Apple takes many anti-competitive and consumer-hostile actions. They can freely get away with it, though, as they aren't a monopoly." I did not say this action was consumer-hostile.

So, forcing them to give users a choice is somehow equivalent to... forcing vendors to not give customers a competitors browser?

Ok sure. That seems totally the same. Not at all as ridiculous as the invented "monopoly of iOS" that people use to justify the claim Apple is abusing a monopoly position.

Next thing you'll complain Coca Cola is abusing its monopoly position on Coke.

If you implement Sign In With Apple, you don't have a relationship with your customers anymore. They're Apple's customers, and Apple can take them away at any time.

It's good that you read Hey's blog post and are repeating it here, but it's not very accurate in this case.

Specifically, if you implement Sign In with Apple, then they are still your customers as much as ever, they just might choose to hide their information from you because they don't trust you, which means that the power in the relationship is transferred to the user instead of the app developer.

> "Apple reserves the right to disable Sign in with Apple on a website or app for any reason at any time."

I think GP is absolutely right here. Apple can take the customers at any time for any reason. Apple could ban you from using Sign in with Apple simply because Tim Cook doesn't like what food you eat for breakfast. So, I have to agree with GP that these are Apple's customers at this point.

The check on this is that you are now putting an inconvenience on that apps users. Maybe it’s okay in some isolated circumstance however, I imagine this won’t sit well if it becomes a reoccurring theme for iOS users, as they will come to view Sign In With Apple as unstable/unsafe (like Google and it’s graveyard). It would quickly render Sign In With Apple useless if the trust that it will continue to work whenever used is not there

I actually think this wouldn’t really happen in practice as consumers are quick to respond negatively to this behavior, so I’d be shocked if Apple actually did this without some darn good reason (I imagine it will also include removing said app)

> The check on this is that you are now putting an inconvenience on that apps users.

That hasn't stopped Apple from remove apps or preventing updates -- clearly inconveniences on users -- for whatever reasons they want. It has happened and it will happen again.

There is no check on this unless your app's audience is Netflix/Spotify/Facebook huge. If you're just an average developer you can be killed off at any time.

I’m not exactly sticking up for Apple as much as I’m trying to demonstrate practical thresholds that would realistically limit this behavior. I don’t think Apple wants 100,000 upset customers let alone millions.

Hardware requirements for software is a decades old concept, and it’s true they deprecate and obsolete supported software and hardware on for older platforms, but it’s rare I’ve seen Apple taken a user hostile approach here within supported lifetimes though it has happened yes it is rare.

Their developer experience on the other hand does not see the same care and attention a lot (most even) of the time. That’s because, and I believe this strongly, Apple never wants 3rd party software to have platform influential power over them again, like Microsoft and Adobe did for decades. It’s sad but not unsurprising that their platforms can be very developer antagonistic if you don’t take their happy path (and sometimes even then). To them though, it doesn’t matter until it affects a large quadrant of the Apple consumer base and in some occasions yes not even then, but largely it’s the consumer who has the biggest voting block with Apple in terms of pressure on the platform, as I’ve watched it play it they never had a history particularly after the iPhone came out of having the best developer relations relative to say, Microsoft, who provides a very positive experience in comparison

It’s just not in their DNA because of the fear of having too powerful of vendors putting pressure on the platform that they otherwise control outright. When you look at their policies in this context they make a heck of a lot more sense (even if you don’t agree. I certainly do not always)

Transferred to Apple more than the user.

Apple operates on behalf of the user. Apple saw users with throwaway/burner email addresses and said why not make this easier for everyone?

As long as they don't try to switch

Apple operates on behalf of profit. As it should.

Except that in many cases the email address is an obfuscated one controlled by apple, so Apple really is a gatekeeper between the user and the service.

No more so than Gmail/Yahoo Mail/etc is for the average end user

Yes and it applies to them too

everyone can create a second email address for precisely this purpose and it will be much more anonymous than anything apple promotes

Congratulations, now all of your email goes to a single different email address; your tracking profile is now associated with randomstring@email instead of john.doe@email.

If you wanted something truly private you could create an account at a provider like Fastmail or ProtonMail and create an alias for each account (or just wildcard a custom domain until you need to send from an address). I doubt any tracking system is based on the domain in your email address... not yet, at least.

How is that different from FB/Google's login services? The only apps that are required to support Sign in with Apple are those that also support FB/G/etc sign in, so those companies have already chosen a path...

Google provides an email address. You could replace your Google auth with password auth in an afternoon just by adding a "forgot your password" link.

Facebook auth used to provide an email address, but it's been almost a decade since I last used their APIs so I don't know if that has changed.

Apple's "provide an anonymous email address" inserts them between you and your customer.

When you use Apple's Sign In it flat out asks whether you want to use your real email or an anonymous one. The user is purposely says, "Hey, Apple get in the middle I don't trust these clowns."

HN... where people go to complain about both companies requiring access your email, and companies requiring you to be able to block other companies from access to your email. I don’t get it.

Exactly! Which is as it should be. Way too many websites take for granted that they can do anything with the email addresses provided, including sending spam by default or with no way of opting out. With Sign In with Apple, if they don’t get in my email, that’s because I don’t want them to have it. Then, their poor marketing practices are irrelevant, which actually makes me more likely to create an account on their website.

Many apps also don't want to have the hassle of securely managing user login details.

Not sure about Google auth, but I created a Spotify account with their FB login years ago. About 1.5 years ago I wanted to decouple them, but they have no way to do it. I had to create an entirely new account. Not sure if it's a technical limitation or just a case of Spotify not prioritizing it, but their support tech did relate to me that they had lots of those switches occurring at the time.

Facebook does not guarantee an email address, either. (Just went through this process with Apple/Google/Facebook/Email auth - even using Firebase Auth library - surprising how many edge cases there were).

It's not, which is why they are also removing FB login.

I don’t want to have a relationship with every app developer. If you want a relationship with your customers that you control, you are free not to implement any third party sign on and implement your own.

Not every app maker WANTS to store this user data.

Some makers just want things to work and to keep the process as simple as possible for the user.

There are 3 major problems with this kind of sign-in from the user perspective they apparently omit: whenever you sign-up for a service B with an account at A (usually Google, probably applies to Apple, Facebook and the rest as well) 1. A will block your account at B at any time as soon as its (A's) algorithms realize they don't like you for some stupid reason they won't even tell you (which is icky but understandable given how many users they serve) 2. A tracks your usage of B (obviously). 3. The most overlooked - A discloses many additional details about you (like your contacts, your location, your birth date, your real name etc.) to B. Sign up to some shitty website once and they immediately have enough data on you to apply a wide range of social engineering / identity theft attacks with ease.

I actually can consciously accept the 2 in many specific cases but 1 and 3, each alone, are enough for me to avoid using this kind of sign-in.

Why is 2 so obvious? I imagine many implementations would do that, but basically once you exchange your SSO token for the site-specific token, you could stop making any requests to the SSO provider. The only part of your SSO provider's offering that inherently needs to track you is running detection if you're a bot.

There's a subtle sense of exuberance shining through in this article that makes it a gratifying read, even if you've never heard of the company before. Kudos to them for their decision not to bow to Apple's demands. Please tell us how it goes!

> bow to Apple's demands.

Apple "demanded" companies either add their privacy friendly sign in option, or give up on the data-slurping Facebook google sign-ups. This company gave up FB sign in, which they acknowledge is pretty gross and bloated.

Well, they're also getting rid of the "Log in with Facebook" option too, which is arguably giving into the demands of Apple.

That works as intended - they took out FB integration.

> One problem is that most Apple IDs are tied to an iCloud email address.

Is that actually true? None in my household are.

It depends mostly on the demographic in my experience. For example, my parents have icloud email addresses that they occasionally email me from and never reply to for the reasons mentioned in this post.

My anecdote is similar. I first created my Apple account when the iTunes music store was introduced in 2003.

But, when I setup the account for my mom and my wife, I just created an iCloud email address.

My wife never uses her iCloud email address. I don’t think she uses the default mail client - she uses the gmail app.

Then switch off the Mail option in iCloud settings on their devices. Poof, mailbox disappears.

Last year we pulled all social logins (facebook, google, yahoo) out of our app, after supporting them for years. The UX / customer service issues mentioned in this post are absolutely legit, a complete PITA. While we were nervous about adding the extra signup friction, a year later I can easily say it was worth doing.

> We’re a small company that makes money when people like our app and pay for it. We do not make money with creepy tracking or by selling your information. When you provide us with your email address, it is never sold, shared, or used to invade your privacy.

You're the only one, then.

What's happening here is another revolution. Email spam got so bad, that Congress actually passed a law. Which, of course, did almost nothing. People got so tired of spam, that they avoided email, and allow the services to silently remove 90% of the crap.

This has now spilled over into voice calls, where it got so bad, so quickly, actual legislation was considered again. But people quickly realized that their phone contained a curated whitelist. Now, I never answer unless the number is recognized, and I think most people are doing the same.

Texting is also similarly whitelisted.

At this point, email systems and clients need to start with the assumption of whitelisting. Instead of just a "spam" folder with obvious crap, and controls to flag or unflag messages in that folder, we also need a "questionable" folder, with controls to mark as "known" or "unknown", as well as "spam". Emails shouldn't make it to my inbox unless they pass BOTH the whitelist AND the spam check.

Your iCloud account does not have to be paired with an iCloud email address. Mine is paired with my regular email address.

Yes, but many are. This app in particular needs an email address that is actually checked.

From what others have said, they also need it to add to their marketing list....

3rd party logins have the advantage that sharing content from within your app on those social platforms becomes less of a friction unfortunately - if that's what your app relies on.

Email-only logins work fine with technical users, but non-technical ones absolutely suck at maintaining their logins and passwords. You lose users because they can't login for whatever stupid reason - one of the thousand stupid reasons - and they turn away to never come back, or they register afresh. This is the reality and yes, 3rd party auth is beneficial for popular (non-techie) services.

As for Apple Sign-in, haven't tried it on the development side yet but I can imagine it reduces friction even further and makes the user experience even nicer. This may be such a big bonus for your service that you may ignore the fact that you can't always collect your users' real email addersses. Find other ways to communicate: in-app messaging for example. If the user deletes your app then retargeting via email won't help much anyway - they will mark you as spam and overall it will probably do more harm than good, I think.

Apple's developer docs on the Private Email Relay Service are relevant to those evaluating the technicals of AnyList's position. Three specific highlights from that doc are relevant when considering AnyList's objections:


After the user has shared a private relay email address with your app, they can find, view, and manage it in their account settings at Settings > Apple ID > Password & Security > Apps Using Your Apple ID.

The relay server transforms your email address so it’s readable to the user. For example, sales@xyz.com may become sales_at_xyz_com_<something>@privaterelay.appleid.com instead of a random email address. Replies from the user are still routed back through the service to preserve the user’s privacy.

To send emails to users with private email addresses, you must register your outbound emails or email domains and use Sender Policy Framework (SPF) to authenticate your outbound emails.

I usually uninstall apps with a 1-star review if they provide zero functionality until you provide your email address.

Apps and devices serve me, not the other way around.

So you don't use social media on your phone?

After reading the article and comments i'm honestly a bit baffled.

Why is email address obfuscation an important component of online privacy? There are so many other more invasive and pernicious privacy concerns to worry about. It seems like we're spending an enormous amount of time to build far more complex authentication systems that are brittle and confusing just to avoid sharing an email address. Why?

Email addresses are supposed to be semi-public. If I share it with you I want you to contact me. People do abuse this, of course, but the open nature of it is exactly its best quality. I can sign up for new services easily, they can contact me, and if they bother me I block them.

I've had the same email address for almost 20 years now and have never had issues managing it. I cannot say the same for Facebook connect and Google Auth. I actively avoid signing up for services if I have to use a 3rd party auth service.

An e-mail address is as close to a unique id of a user as you can get online.

It makes cross-site/service tracking very easy.

> "One problem is that most Apple IDs are tied to an iCloud email address."

Is this really true? I've had Apple IDs for pretty much as long as they've existed, but I've never had an iCloud email. Any email address can be an Apple ID.

(...in fact, early on, it didn't even have to be an email address. I still have one of those old-style Apple IDs.)

In a rat-race of adding a bunch of (Sign in with xyz) buttons everywhere in the login forms, this news feels good in a weird way. Most developers use OAuth login support using several other services to reduce the friction of signing up, but this article made me think about this for a while. I've been in a situation where I could not remember whether I signed up using a provider.

Password managers and 2FA options are getting popular in the mainstream media, and most people know about it after their financial service providers are mandating 2FA. It's probably time we figure out an easy way for users to sign in using a random alias of their email address to sign in to any service. Something that is generated using their real email address, the service provider's domain name and some kind of salting. This is the time the plain old username-password login came back.

The only authentic point I saw in this entire article was the one about the lack of documentation by Apple in implementing this across different platforms.

Everything else applies to logging in with Facebook (or can be dealt with in other ways), which the company has supported for years and is now forced to remove it because of Apple’s restrictions. Without Sign In with Apple, I doubt if they would’ve chosen to remove the Facebook login anytime soon, thus putting more users into privacy hell holes despite making statements like this:

“At AnyList, we respect your privacy.


When you provide us with your email address, it is never sold, shared, or used to invade your privacy.”

If the documentation had been good enough, I’m sure they would’ve implemented it and also retained Facebook login for a longer time. Seeing Facebook login being removed gives me some comfort and a sense of “all’s well that ends well”.

Given all these third-party sign-ins are a fairly transparent grab for power by the central company, I'm not sure why anyone would implement any of them. By doing that you're giving up power over your sign-in process, which is a pretty enormous concession.

Not an Apple use but I had a question. If one signs up with Signin with Apple, how can that user move over his stuff to say an Android app? Or even Desktop app? (Or does the Apple ID keep track of all this anonymous id to app mapping?)

You still have your apple account on your PC/Android phone/etc. You just login on apple's website with your apple account and it passes the token/id to whatever app needs it.

For example you can goto dropbox on your pc/whatever and click signin with apple to see how it works.

> your email address, it is never sold, shared, or used to invade your privacy.

This is ambiguous. "..to invade your privacy". They should have stopped at "sold, shared. The "to invade your privacy" is a bit doublespeak. One can say "we do not invade privacy, we merely inform of new products and services (aka marketing).

I know I am being pedantic, but hey.. it doesn't write "never" it writes "never for A".. we never wrote "never for B", so B is allowed by our T&C (which I haven't read so I may stand corrected).

I had never heard of AnyList and this makes sure I will never use them.

Before Sign in with Apple, I uninstalled most apps that required me to sign up before I could even try them at all. Now I specifically look for apps that support it.

I don't want to give my email to 100 different companies (I get spam on the aliases that I did hand out long ago to apps that aren't even around anymore).

Though, all these hitherto obscure companies jumping into the spotlight just by setting themselves up as the underdog against the Apple world tree gives me an idea of what to do when I want a quick boost in popularity.. :)

Developer should just ask for user's email after new sign up using third party provider. Even Facebook does not require email for user to sign up. They should separate the email used for the account & the email used for third party sign in. Because 1 user can have multiple third party sign in, all with different email.

I think they did not need to care about customer who did not check the reply email from support, because customer can also have multiple email and did not use their primary email to sign up to your service.

What's to stop someone signing up with a fake email and sharing it on a forum so that many people can sign in with it?

Yes, I know that there are ways to reduce this by scanning IPs and so on, but by using third party auth you offload that onto the auth providers.

I wonder why we still have passwords. Couldn't we have a simple USB device that is encrypted, cooperates with the native O/S in an encrypted manner, and then allows remote login to sites also in an encrypted manner?

The device could be programmed to automatically generate new passwords/keys/whatever needed for remote authentication.

It would also have a 'disable' functionality that would render it useless if stolen.

(Perhaps this thing already exists. I am too lazy to google it as I type this :-)).

Recently went through the same debacle. Our hope was that we could solely rely on Magic Link instead of email/password ... but it turns out many users don't really understand it [1]. So your options are:

1) Email/Password Sign In

2) Bite the bullet and add Apple / the "full auth stack" (FB/Google/etc.) & deal with account linking issues.

[1] https://snaphabit.app/blog/password-less-login/

Side note: there's (almost) no problem implementing Apple sign in on Android. It is basically the same OAuth flow as Facebook or Twitter, with couple of minor quirks.

I seriously hope I'll see the day when OpenID takes off. It doesn't seem to be going the right way, but it would solve most of our login problems.

One way to sign in, used everywhere, decentralized, set up 2FA for everything in one place, switch providers with ease or be your own provider.

Apple could promote a decentralized solution instead of forcing the sign in with apple shit on people, but clearly they want all your data so they can lock you in.

I dunno. There are simple solutions to the issues raised in the blog post, many good ones here in the comments. Seems likely they wanted to get rid of third party logins and oddly chose to throw it on Apple. And I’m not sure anyone, including Apple, cares if they adopt Sign In with Apple. In the end, I think everyone just wants to end creepy sign-in practices. Facebook login deleted from Anylist... that’s a win for everyone.

It's a grocery list app, how much customer support do they have to do!? Feels like they just really really want to have my email.

Love it. I hate it when I'm presented with a "sign in with Google". I feel pressured to have a Gmail account or a Facebook account (which I honestly don't want).

I get the fact that login is broken across the web and there is no centralized login authority, but sorry Google/Facebook are not it imho.

We can/should look at other ways to authenticate, but thats a larger discussion.

The larger problem is trying to get the average Facebook and Instagram user to care about security (if they cared about those things they wouldn’t be on a Facebook product but I digress).

I applaud Apple’s intentions but as this article proves, if the user isn’t driving the push to be more private then initiatives like Sign In With Apple cause little more than support headaches.

Is it just me or do these sites not realize that "We will never sell your email" does nothing for me? It's not that you'll sell it's that you will get hacked or lose a laptop or have an admin email everyone and then I will get spam. How do others at HN deal with this (disposable emails and prefix/suffix are a huge pain)

It’s pretty user-hostile to refuse to support the authentication provider the user wants to use. If I’m already in the Apple ecosystem, using Sign In with Apple, a service that doesn’t implement Sign In with Apple but could is preventing me from doing what I want, just as much as Walmart not accepting Apple Pay.

Why do you need to log in in this app? All the problems indicate that app is used on one device only

All of them good points. I'll add another wrinkle; for some reasons I can barely remember, I have 2 different Apple IDs. I was a paid .Mac user when it was a thing, but I also had a different account to make iTunes purchases back in the day. Currently I need to log in with both in my devices; one of them is used for purchasing in iTunes/App Store, the other one is used for iCloud Photos/iCloud Drive. However you can also make purchases in the Books app (which I use it to sync PDFs), so this always trips me up. There's no way to merge two Apple IDs, and setting up a new device is always an adventure. Knowing when to use which Apple ID can be confusing (don't get me started on 2FA, I'm afraid that having 2 Apple IDs will eventually lead to me getting locked out!).

I liked the concept of Sign in with Apple when I first heard about it, but at this point it might be too confusing (I also never check my "main" Apple ID email).

Identifying users by email is a bad practice anyway. Such systems usually don't provide a way to change the email address, because it's literally your id. This makes it unnecessarily difficult to migrate between email addresses.

Apple having a major flaw is a pretty bad mark against this. But in my experience, companies doing it themselves are far worse.

The correct response to "Yo, they fucked up." is not "Oh screw it. We'll just do it ourselves."

AnyList does not like Sign In with Apple (and others), but they helping with the sign on jungle.

I find Apple's Sign in approach shady (forcing apps to have it, and have it first on the list), but this response is also about not liking the privacy features of Apple Sign in so... I wouldn't read much into it.

This is a war between apps and platforms on who gets direct access to customers.

How long till it becomes mandatory by Apple? I give it a year. Then they'll say "our users expect it, so now we do" and it won't matter if that's true or not.

Some of this can be solved by asking a user for their email when they open a support ticket. Also allowing them to link accounts from multiple login providers. These are largely "solved" issues.

Makes sense to support it and respect users privacy. If they forget their login, they can just sign in with apple again? And if they contact you for support they can provide their email address to you then.

What about vendor lock-in? Apple forced many apps on the App Store to use Sign In with Apple for increased “convenience” but it also makes it very inconvenient for people to switch to Android.

Sign In with Apple works a lot like Sign In with Google or Facebook. There's no reason it can't be used on Android also.


Yes, that's mentioned in the article:

> if there are platforms where AnyList doesn’t support Sign in with Apple, like Android, and someone wants to log into their account, they’d have to know their privaterelay.appleid.com email address.

I support their decision. They shouldn't be dictating developers which SSO services to use or not. It's developer's app not Apple's.

I mean, if this is pushing them to remove Facebook login, Sign in with Apple and the resulting requirement to use it has been a net positive for privacy for AnyList as well.

The convenience and supposed privacy of signing in with Apple ID out weights the cons. People will still have problem remembering which email they used down the road.

> Furthermore, if there are platforms where AnyList doesn’t support Sign in with Apple, like Android, and someone wants to log into their account, they’d have to know their privaterelay.appleid.com email address. (And that certainly won’t be easy to find if you no longer have an iOS device.) And then they’d have to create a password with us, since they wouldn’t be able to sign in using Sign in with Apple.

I’m an avid iOS user with a Windows desktop. I will never use “Sign-In with Apple” for this reason. It’s not useable unless you exclusively use Apple devices. Which I don’t.

Sign-In with Apple is a (mostly) standard OpenID Connect provider that works everywhere (and works just like sign in with FB, Google, et al from a technical implementation), including the Web and Android. It's an interesting miscommunication or misunderstanding (and I was not surprised to see it in this article) that applications and developers think the "Sign in with Apple" button should only show up on Apple devices. It should show up on the web and in Android apps, Apple only requires it on Apple devices because that's the only devices that they control.

I wish Apple communicated that better and/or developers better understood that Sign in with Apple really is a FB/Google/social login button like all of the others and should be supported everywhere, not just Apple devices.

(I'm in the iOS/Windows dual mode user team myself these days and find that I trust Sign-In with Apple, but I've definitely had to already email developers to request that they add the Sign-In with Apple button to websites and explain why they would/should.)

If you read the article, you'd see they address the reason they cannot implement it on Android yet. Apple hasn't provided documentation for it. Apple doesn't seem to be taking it seriously.

To keep my reply in a single place: https://news.ycombinator.com/item?id=23684452

If I’m on Windows and see Sign-in with Apple how am I supposed to sign in? By typing in a generated email address? It’d not that it can’t work, it’s that it’s a miserable user experience.

If you are on Windows and see Sign-In with Apple, Apple asks you to sign into iCloud, on their servers, if you are not already. It's almost the exact same sign-in flow you would see on Windows iTunes or Windows version of iCloud. You use your normal iCloud account information and 2FA verification (authorize the login in one of your Apple devices). Apple's servers look up the generated app-specific email address for you, just like your Apple device would, and passes that on when it passes the authentication token to the requesting application (which would use the same application identifiers it uses on iOS).

It's no worse a user experience than Sign in with Facebook or Sign in with Google, and in most ways it is the exact same user experience: click the button, get an Apple sign in prompt on Apple servers, sign in, get automatically redirected back to whatever app needed the sign in.

Interesting. I’ve never signed into iCloud on my Windows PC so tbh the thought that’s how it worked never crossed my mind!

I’ve also never come across a “sign in with Apple” button on Windows. Not sure I’ve seen it on iOS either...

Well, that's another app I won't be using.

I’ve got a new sign in flow I’ll be using for all my indie apps. It solves 2 problems I have with Apple.

1) no PWA support for notifications

2) forcing stuff like this on everyone

I use a telegram chat bot. After signing up via the bot that sends you a link to set your password, you then also request a short expiry sign in link everytime you wish to sign in. The chatbot doubles as a notifications channel. I’m thinking of enhancing notifications do you can interact with them directly from the chatbot interface too.

The signin flow is great as it has 2fa built in by default.

I am pretty sure I would never create an account on a website that wants me to chat with a bot on Telegram. This sounds particularly user-hostile.

Why is it user hostile? Maybe you're misunderstanding what it is but for signup it's just a wizard and for login it sends you a link. Pretty seamless experience. To signup you click a deeplink button into the chatbot follow some simple steps and then get logged into the app. Otherwise the notifications work just the same as you're used to except it leverages the chat platform instead of the developer hostile native platform.

Sorry, hostile was probably too much.

I understand after having read the explanation. However, my experience with chatbots is that they are unreliable, unhelpful and obnoxious, and I tend to go out of my way to avoid using them. I don't think a conversation is a right model for this. I also don't think it looks good when a website or app wants me to install a messaging app to create an account (though of course some people already use Telegram). It would have to be very enticing for me to overcome that friction.

The platform (Apple's, in this case) might be hostile to developers to some extent, but the whole web is hostile to users, in no small part thanks to websites slurping as much PI as possible and then leaking it one way or another. I get spam and phishing attempts every day, as do all of us, and I regularly see some of my burner emails show up on haveibeenpwned. Any service that helps me separate my accounts from me is some progress.

Well I also have no intention of slurping PII beyond the bare minimum. I understand there may be some added friction for some users but as a one man show I can’t deal with the maintenance necessary to be on the mobile app stores. I look at it as a constraint to encourage creativity. As I develop ideas I am exploring more and more how to make the ux and the approach gel in a seamlessly natural manner. I guess I’ll find out if I’m successful after launch...

It certainly is creative, and not abusing data is commendable (and I am sincere). We would not be in this situation if websites were better behaved overall. However, I necessarily use heuristics informed by my experience, because I cannot afford the time or money to do a background check for every site or app.

Could you elaborate? Doesn’t this require users to have telegram installed?

Yes. I’ll probably add more chat platforms as I go so you can use whatever one you already have installed

If you disable your account through Apple's website the email is no longer valid. Does anyone know if they recycle the emails?

Wouldn't their problem be solved by using usernames?! Usernames are easy to remember, share and setup.

Why not just bind the sso Mail to an local Account, then it doesn't matter what identity Provider gets used by the customer. In addition, add a check that prevents Account creation of ...@privacyrelay...if you have a problem with it or nag the user to provide a real mail for this account if you detect this type of mail. This way you would have a user friendly implementation without giving up on sso.

Well opined piece, as a customer of Anylist for over 3 years you have my full support in this decision.

Um, it doesn’t forward to their iCloud email address, it forwards to the email they use for their iCloud login - eg the primary gmail or whatever address.

Users have the option to provide their personal email address, but given the track record of these being sold it’s reasonable to expect users to not trust you.

You can email them correspondence because as above that goes to their primary email.

What you lose is the value of the email address as an asset.

I'd like to see Apple allow users to use "Sign in with Apple" to maintain Apple ID account and purchase hardware/software? Imagine if they had to go through what they're asking all the services on their platform to go through... yeah... never gonna happen. Bravo AnyList for calling Apple out for pushing immature software ecosystem harmful software agenda.

As a user, I won't be supporting them either.

Just give me sign in without involvement of a third party.

For me it sounds like they didn’t like the additional work Apple made them do, that would actually benefit the end user - I love sign in with apple, the best part is the unified workflow without typing on a phone.

I dream of a world when I won’t have to type passwords on a phone anymore.

Their blog post is well written and explains point by point why implementing it would be problematic for them AND for end users. Strange that you arrived at the conclusion "they didn’t like the additional work Apple made them do"

They describe and edge case of someone not getting the email or wanting to login on another platform.

I’m talking about the most common happy path that they don’t want to optimize - the user registration/login

I hate typing a secure password on a phone and I want to evade this process whenever possible. Using Sign in with Apple you don’t have to type a thing and you confirm using FaceId.

It seems like the problems they were facing require different UX solutions than they already had or some bug reports to Apple (if the feature is really missing something).

For me it is much better to use Sign in with Apple as the user as the flow is simple, unified and Apple has a track record of caring about privacy, where it is often not the case for randomservice.io

so all of this could be fixed by AnyList just asking the user to type in their email address instead of tying it to a data mining operation from their login name

well at least they are honest!

>> Third-party login systems like Sign in with Apple cause many user experience and customer support headaches.

It’s not. It’s perfectly slick , simple and powerful and even non technical user can use. Please enable.

What a well written and forceful argument.

cry me a river

They will get removed. They don't have the power to fight Apple.

No, they're fine -- if your only login is first-party, you don't need to support Sign in with Apple. (They're taking out FB login to comply.)

I do wonder, though, whether the requirement for Sign in with Apple is coming in a few years. As in, if you allow users to sign in with email/password, you must allow users to sign in with "sign in with apple". It might be more subtle, like suggested auto-fill to create a new account.

That sounds like a bridge too far even by Apple standards. I can get on board with "if you support Facebook, you have to support us as well", but not allowing any kind of escape hatch feels particularly scummy. At some point it's none of Apple's business how people sign up with my service.

I don't understand how "if you support Facebook, you have to support us as well" is ok. Only by holding the relationship between the user and the developer "hostage".

For now. I don't have much hope that it will remain like that.

Well, though titty. Honestly, as a user, I don’t give a damn about the pains this can cause to developers. The amount of spam and unsolicited email crap this is gonna save me from is worth it 100% for the users. And as a developer, I honestly think that Third party sign ins are lazy solutions that empower data-hungry companies way more than they deserve. If your business model relies on people giving you their data or reselling their email or using it for unsolicited purposes (these are the only reasons you would be affected financially by a privacy-driven solution like SIWA) then your business model is bullshit. Suck it up.

EDIT: I really love the downvotes from developers that are perfectly aware this is how the things are.

I found it jarring that Apple would present themselves as the vanguard defenders of privacy by announcing what is basically an email relay service. Most privacy-conscious people wouldn't exactly think of their emails going through Apple as any particular win in privacy.

And even for the "general user" I find the argument very weak, since it doesn't look as being any easier than using any other email relay, and there is a huge obvious conflict of interest for Apple here (they get data they may not have had otherwise PLUS have yet another tool to bind you to their services).

It reminds me of the days where everyone in the www was making OpenID providers but no one was actually willing to do an actual OpenID _consumer_. So that I could actually use _my_ identity provider on a server of _my_ choice instead of going through the hoops of yet another large company for no reason.

How is it anything but a win to have an additional easy option to use a more trusted relay rather than not? Many people have never heard of a relay, and wouldn’t understand its benefit if the option wasn’t presented to them like this.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact