1. If any website can have you sign in with Apple ID, is there a danger of nefarious sites stealing your Apple log on. After all, you going to a website that Apple doesn’t not control and entering your sensitive information. How would I know I can trust the website?

      1. Still doesn’t answer my question. If a nefarious website redirects you to a fake Apple logon site and not to the actual Apple logon site, how would you know? As more and more sites use this, people are will be trained to just log on. Its a new vector for hackers to trick people into giving away they Apple ID and password.

      2. Am I missing something here. What if a hacker created a website and embed a FAKE apple sign-in button the looks and acts like the authentic Apple sign-on button, but all it does is logs Apple IDs and password. Is there a mechanism in place to prevent this from happening, and is there a way for users to know if the site is tricking them or not?

          1. I understand how it’s suppose to work. I am not worry about legitimate websites. The Apple Sign-in Button seems like it could easily be faked to trick a user, this is more of my concern, how do you know which site is using the real Apple Sign-in Button verses a FAKE one.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.