I wasn’t ever really excited about “Sign in with Apple”. Yes, it’s a step forward compared to the alternatives, but it’s still giving some level of control of your app’s user accounts to a third party. That makes me very nervous, both as a user and as a developer.

As a result, I’ve not yet used Sign in with Apple as a user except in one case where there was no alternative. Usernames and passwords are a very long way from ideal, but I know that with my password manager of choice and a bit of personal discipline, I’ll always be able to log in to the services I use for as long as I have an email address.

I can see how using these login services is incredibly tempting as an app developer. Implementing proper user management with login/logout/password reset etc. is tedious work that doesn’t make your app better than the competition, so why would you do it? I’d say guaranteeing to never be in a position where a third party could lock your users out of your service is a pretty good reason.

The other side of the argument is that it reduces sign-up/sign-in friction, and some users are going to trust your app more if they can delegate authentication to their favourite provider. That’s not to be underestimated, but remember that it comes at a price before you jump in.

We don’t know the full details of this week’s Epic/Apple drama, and probably never will. But it seemed like an excellent chance to talk a bit about this subject in general.

Dave Verwer  




macOS Development

And finally...