Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

'Sign in with Apple' better than using passwords, says Google authentication chief

Last updated

The head of Google's account sign-in teams is seemingly positive about Apple's introduction to the authentication space with "Sign in with Apple," revealing in an interview it would be preferable to use Apple's button than to manually enter usernames and passwords.

Apple's entry into the industry of authentication, as launched at WWDC, puts it in direct competition with Facebook and Google's single sign-on buttons. Billed as a privacy-focused alternative, "Sign in with Apple" provides the ability to create a fresh account that is blank of all identifying data, enabling users to enter just what is needed for the app and minimizing third-party tracking.

Despite being a direct competitor to Apple's new service, Google is somewhat welcoming of the new log-in option, with Google product management director Mark Risher revealing in an interview with The Verge it is preferable for users to employ some form of single sign on button to get into apps than to rely on the usual usernames and passwords, which can be reused between services.

"I honestly do think this technology will be better for the internet and will make people much, much safer," advised Risher. "Even if they're clicking our competitors button when they're logging into sites, that's still way better than typing in a bespoke username and password, or more commonly, a recycled username and password."

The increased use of the sign-in buttons has made the internet and app experience better, saving users from having to set up their own credentials each time, which users still believe is the "best thing" to improve security. "But in actually [it] has no bearing on phishing, no bearing on password breaches, no bearing on password reuse," Risher insists, with it being more important for users to reduce the total number of passwords they use.

Apple's decision to focus on data collection and privacy as a reason to use Sign in with Apple over the others is seen as a criticism of Google's version, but Risher takes the blame for Google having "not really articulated what happens when you press" its button. "A lot of people don't understand, and some competitors have dragged it in the wrong direction," he suggests, with the idea of the button press notifying friends of the user signing into an embarrassing site used as an example of the supposed unwarranted threat of the button's use.

The introduction of a new option from Apple gives a chance to "reinvigorate the space and to make it clear what this means and what happens, that is really beneficial."

Risher objects to the "bunch of innuendo" that suggests "only one of them is pure, and the rest of them are kind of corrupt." Google is said to only log the moment of authentication, and that it isn't using the event for any other purpose such as advertising, only for the user to see where they used it within a page of the Google account's Security Checkup.

On the subject of having different levels of security for various apps and services instead of putting everything into the federated model of single-sign-on, Risher defends the idea of authentication buttons for apps by suggesting the metaphor is less about putting all of a user's eggs into one basket, more about banking.

"There are two ways to store your hundred dollars: you could spread it around the house, putting one dollar in each drawer, and some under your mattress and all of that," Risher proposes. "Or you could put it in a bank, which is one basket, but it's a basket that is protected by 12-inch thick steel doors. That seems like the better option."



18 Comments

lostkiwi 18 Years · 640 comments

Risher objects to the "bunch of innuendo" that suggests "only one of them is pure, and the rest of them are kind of corrupt." Google is said to only log the moment of authentication, and that it isn't using the event for any other purpose such as advertising, only for the user to see where they used it within a page of the Google account's Security Checkup.

“Oh, of course we respect Safari’s security provisions. We would never hack into and ignore the preferences the customer had set up on that browser “

Yeah right. 

wattouk 5 Years · 51 comments

"I honestly do think this technology will be better for the internet and will make people much, much safer," advised Risher. "Even if they're clicking our competitors button when they're logging into sites, that's still way better than typing in a bespoke username and password, or more commonly, a recycled username and password." 

BULLSHIT. He wants people to use google and Facebook sign-on's so that they can harvest data - we're not stupid. However, it seems apple is going the right way about privacy.

sflocal 16 Years · 6138 comments

wattouk said:
"I honestly do think this technology will be better for the internet and will make people much, much safer," advised Risher. "Even if they're clicking our competitors button when they're logging into sites, that's still way better than typing in a bespoke username and password, or more commonly, a recycled username and password." 
BULLSHIT. He wants people to use google and Facebook sign-on's so that they can harvest data - we're not stupid. However, it seems apple is going the right way about privacy.

Of course he's lying.  With the uproar over privacy failures everywhere, management folks like him aren't going to say they're against an option that would secure an individual's privacy on the Internet.

rob53 13 Years · 3314 comments

lostkiwi said:
Risher objects to the "bunch of innuendo" that suggests "only one of them is pure, and the rest of them are kind of corrupt." Google is said to only log the moment of authentication, and that it isn't using the event for any other purpose such as advertising, only for the user to see where they used it within a page of the Google account's Security Checkup.
“Oh, of course we respect Safari’s security provisions. We would never hack into and ignore the preferences the customer had set up on that browser “

Yeah right. 

"fool me once, shame on — shame on you. Fool me — you can't get fooled again"

Wgkrueger 8 Years · 352 comments

Rushers $100 analogy where each dollar is a password doesn’t make sense to me. What it sounds like is I have 100 passwords and I need to keep them in a password vault, like the one provided by 1Password. The Google authentication chief needs to get in touch with the Google analogy chief.