This Week's Sponsor:

Kolide

Ensure that if a device isn’t secure it can’t access your apps.  It’s Device Trust for Okta.


iCloud for iOS Onboarding

Sebastian Kreutzberger has posted a plea for developers to consider implementing iCloud authentication in their apps in lieu of traditional emails and passwords. The idea is that iCloud is inherently secure and anonymized, making for a superior solution to login information reused across multiple services.

The “magic” of iCloud authentication lays in its invisibility to the user.

With iCloud an app does not need to ask the user for an email address or a password to be able to uniquely identify who is running the app (and to later spam the user in marketing campaigns).

With the built-in, invisible iCloud authentication every app (developer) automatically can get a secure, globally unique representation of the currently logged-in iCloud user from iOS itself which it then can use to replace email and password as identifiers.

I don’t know if iCloud authentication would work for every web service with an iOS app, but I certainly am annoyed by having to create online accounts for almost every app I try these days. I have relied on iCloud signup for a couple of apps so far, and the experience has been really nice. I would like to see it used more.