Go Back   MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Reply
 
Thread Tools Search this Thread Display Modes
Old Jun 13, 2014, 12:55 PM   #1
MacRumors
macrumors bot
 
Join Date: Apr 2001
iOS 8 Simplifies App Login Process with Safari Password Sharing




Logging into and setting up apps will be easier in iOS 8 thanks to new Continuity APIs Apple has introduced to allow iOS apps to access Safari's stored usernames and passwords. The feature, announced at a developer session at WWDC (via 9to5Mac), will let users quickly log in to an app that is associated with a website they have previously visited.

For example, if a user has accessed Gmail in Safari for Mac or iOS and opted to store a password, that password can then be used to log in to Google's Gmail iOS app with a single tap, greatly speeding up and streamlining the login process. During the session, Apple demonstrated with a test website and app called "Shiny."

The functionality is available to all developers and has the potential to be built into any third-party app with an accompanying website. Developers will need to associate a website with their app, which will then give them the option to request credentials saved in Safari, offering the option at login.

The process also works both ways. Apps that have an associated website that a user has not visited will be able to store login information to Safari, later letting a user access that stored information on the web when browsing to the site associated with the app.

As part of Continuity, the new Safari/app integration is designed to make it easier to seamlessly switch between devices, cutting down on the frustration of logging into an app. Apple also hopes the new system will increase security, as users can now select Safari's randomized suggested passwords for both apps and websites.

Article Link: iOS 8 Simplifies App Login Process with Safari Password Sharing
MacRumors is offline   2 Reply With Quote
Old Jun 13, 2014, 12:56 PM   #2
joejoejoe
macrumors 65816
 
Join Date: Sep 2006
This combined with iCloud Keychain and Touch ID and we'll barely ever have to remember our passwords again.
joejoejoe is offline   11 Reply With Quote
Old Jun 13, 2014, 12:58 PM   #3
Cali Fornia
macrumors regular
 
Join Date: Feb 2012
Location: Vienna, Austria
TouchID and this will be heaven for anyone who hates inserting passworts.
Looking forward to upgrading my iPhone 5 in the fall.
Cali Fornia is offline   9 Reply With Quote
Old Jun 13, 2014, 12:58 PM   #4
BlahBlahBen
macrumors newbie
 
Join Date: Jun 2014
How will developers need to associate? will it be just a string of a domain, or is there any verification...
BlahBlahBen is offline   9 Reply With Quote
Old Jun 13, 2014, 12:59 PM   #5
marf1million
macrumors member
 
Join Date: Jul 2013
Great new feature.
marf1million is offline   2 Reply With Quote
Old Jun 13, 2014, 01:00 PM   #6
rorschach
macrumors 68000
 
Join Date: Jul 2003
Quote:
Originally Posted by BlahBlahBen View Post
How will developers need to associate? will it be just a string of a domain, or is there any verification...
My question as well.
__________________
MacBook Air 13-inch (Mid 2012), iPhone 6
rorschach is offline   1 Reply With Quote
Old Jun 13, 2014, 01:02 PM   #7
itcomesinwaves
macrumors member
 
Join Date: Jul 2003
Oh happy day!

Hooray! I've been hoping for this feature. Now if they could just make it a bit more comprehensive in Safari. Too often it doesn't catch it when I change my password, or just plain doesn't work for some sites (cough cough, gmail, cough).

Heck even MacRumors doesn't work with it. I literally just reset my password fro post this comment and Safari continues to autofill my previous (incorrect) password for MacRumors.
itcomesinwaves is offline   1 Reply With Quote
Old Jun 13, 2014, 01:02 PM   #8
The Doctor11
macrumors 68040
 
The Doctor11's Avatar
 
Join Date: Dec 2013
Location: USA
Quote:
Originally Posted by Cali Fornia View Post
TouchID and this will be heaven for anyone who hates inserting passworts.
Looking forward to upgrading my iPhone 5 in the fall.
Yes. Its just sucks having to type in the user name and then the password... This is nice to have.
__________________
iPhone 6, iPad 3rd gen, Apple TV, Airport Express
Guys my iPhone 4 bent. Idk what happened I just put it in my pocket...
Please subscribe to me on YouTube
The Doctor11 is offline   1 Reply With Quote
Old Jun 13, 2014, 01:03 PM   #9
cariacou
macrumors regular
 
Join Date: Jul 2010
7 years of iOS developpment, worth the wait
__________________
The greatest trick the Devil ever pulled was convincing the world he didn't exist - The Usual Suspects, 1995
cariacou is offline   1 Reply With Quote
Old Jun 13, 2014, 01:03 PM   #10
lotzosushi
macrumors 6502
 
Join Date: Jan 2007
All hail Continuity!
__________________
2.3GHz i7 MacBook Pro Retina | 128GB iPad air 2 | 128GB Space Gray iPhone 6+ | 64GB Goldpagne iPhone 5S | 32GB Nexus 5 | 64GB Sandstone OnePlus One | Google Glass | Moto 360
lotzosushi is offline   7 Reply With Quote
Old Jun 13, 2014, 01:04 PM   #11
ArtOfWarfare
macrumors 603
 
ArtOfWarfare's Avatar
 
Join Date: Nov 2007
Send a message via Skype™ to ArtOfWarfare
Quote:
Originally Posted by BlahBlahBen View Post
How will developers need to associate? will it be just a string of a domain, or is there any verification...
Great question - I'm wondering the same thing.

Apple requires app developers to provide support email addresses and websites with their submissions, but I've noticed that many people supply made up email addresses and websites - Apple doesn't even bother verifying they're real. Heck, I saw one app that had www.apple.com listed as the support website (and it wasn't an Apple app). I've reported them as I see them, but the fact that in Apple's review process they don't bother checking email addresses or URLs right now suggests that they won't bother checking associated URLs, either.

Perhaps the real way this will work is Apple will make sure that the app never receives the credentials itself, and the framework instead handles the credentials itself and just sends them to the URL they're associated with when it's told to do so?

In that way, anyone could make a Facebook app, but the credentials would only ever be sent to Facebook.

Apple would have to be sure to keep the credentials always encrypted on device though, or else a little bit of introspection code and it would be trivial for any app to access the credentials.
__________________
Don't tell me Macs don't last: 2007 iMac, 2007 Mac Mini, 2008 MacBook Air, all Vintage.
(iMac obsoletion: April 28, 2015, MBA: October 14, 2015, Mac Mini: March 9, 2016)
ArtOfWarfare is offline   2 Reply With Quote
Old Jun 13, 2014, 01:05 PM   #12
nezr
macrumors newbie
 
Join Date: Feb 2010
this is revolutionary...for real.
nezr is offline   0 Reply With Quote
Old Jun 13, 2014, 01:06 PM   #13
bacaramac
macrumors 65816
 
bacaramac's Avatar
 
Join Date: Dec 2007
I CAN NOT WAIT FOR THIS. I hate trying to remember my passwords for an app when all the safari sites have it saved.
__________________
iMac 27" 3.06Ghz 2TB Time Capsule and AP Express Current Gen AppleTV x 3 iPhone 5s Space Gray 16Gb iPod Touch 4th Gen White iPad mini White/Silver 16GB WiFi
bacaramac is offline   5 Reply With Quote
Old Jun 13, 2014, 01:07 PM   #14
furi0usbee
macrumors 6502a
 
Join Date: Jul 2008
I'm a loyal 1Password user, but there is at least once scenario where I might stop using 1Password and use Apple's solution.

If I can choose to sign into these websites using the stored keychain password *while* authenticating with a fingerprint, I think I'd be be able to sleep that anyone couldn't pick up my phone and log into stuff.

So if it works like this...

1. Visit amazon.com for first time
2. Go to login
3. Phone says "hey I see you already have a login, want to use it forever?"
4. I say yeah
5. Anytime I try to log into amazon, I just touch the sensor and it logs me in using keychain info.

If this solution logs in regardless of any finger ID, I wouldn't want to use it. I would only feel comfortable touching the sensor while logging in.
__________________
YouTube - Apple iPhone Support Hotline (Actual Phone Call Recording)
MacBook Pro 15" (Retina) 2.3GHz i7 / 8GB RAM  iPad mini (AT&T) (16GB)
furi0usbee is offline   5 Reply With Quote
Old Jun 13, 2014, 01:10 PM   #15
jclo
Editor
 
Join Date: Dec 2012
Location: California
Quote:
Originally Posted by BlahBlahBen View Post
How will developers need to associate? will it be just a string of a domain, or is there any verification...
Quote:
Originally Posted by rorschach View Post
My question as well.
Quote:
Originally Posted by ArtOfWarfare View Post
Great question - I'm wondering the same thing.

Apple requires app developers to provide support email addresses and websites with their submissions, but I've noticed that many people supply made up email addresses and websites - Apple doesn't even bother verifying they're real. Heck, I saw one app that had www.apple.com listed as the support website (and it wasn't an Apple app). I've reported them as I see them, but the fact that in Apple's review process they don't bother checking email addresses or URLs right now suggests that they won't bother checking associated URLs, either.

Perhaps the real way this will work is Apple will make sure that the app never receives the credentials itself, and the framework instead handles the credentials itself and just sends them to the URL they're associated with when it's told to do so?

In that way, anyone could make a Facebook app, but the credentials would only ever be sent to Facebook.

Apple would have to be sure to keep the credentials always encrypted on device though, or else a little bit of introspection code and it would be trivial for any app to access the credentials.
There is a verification process.
jclo is offline   1 Reply With Quote
Old Jun 13, 2014, 01:12 PM   #16
Parasprite
macrumors 68000
 
Parasprite's Avatar
 
Join Date: Mar 2013
Quote:
Originally Posted by bacaramac View Post
I CAN NOT WAIT FOR THIS. I hate trying to remember my passwords for an app when all the safari sites have it saved.
As someone who uses randomly generated 30+ character passwords, I can't help but agree with this. It's one of the reasons why I rarely use app versions of websites .
__________________
Has anyone, anywhere, ever actually used ~/Pictures/iPod Photo Cache/ for anything besides deleting or hiding it?
Parasprite is offline   2 Reply With Quote
Old Jun 13, 2014, 01:12 PM   #17
nwcs
macrumors 6502a
 
Join Date: Sep 2009
Location: Tennessee
I hope they allow password managers like 1Password participate in this capability. A lot of us prefer to manage our passwords outside of Safari for various reasons. Having deeper integration would be awesome.
__________________
This space intentionally not blank
nwcs is offline   7 Reply With Quote
Old Jun 13, 2014, 01:13 PM   #18
AngerDanger
macrumors 65816
 
AngerDanger's Avatar
 
Join Date: Dec 2008
Location: doing the Dada Polka
I love that their test website and app were called Shiny; it's like Apple is parodying itself.
AngerDanger is offline   4 Reply With Quote
Old Jun 13, 2014, 01:20 PM   #19
raam89
macrumors member
 
Join Date: Jul 2011
Location: The Golden state
good

I used safari icloud keychain's autosuggest feature for password in some websites and had to go through the stored password in safari preferences and enter it in the iPhone app. I was just then thinking Apple could introduce an API to pick stored passwords from safari and they've delivered.
raam89 is offline   0 Reply With Quote
Old Jun 13, 2014, 01:20 PM   #20
Peteman100
macrumors 6502
 
Join Date: Apr 2011
Location: Berkeley, CA
+1 on hoping 1Password is allowed to have the same capability
Peteman100 is offline   2 Reply With Quote
Old Jun 13, 2014, 01:23 PM   #21
madsci954
macrumors 68000
 
Join Date: Oct 2011
Location: Ohio
It's...it's so beautiful....

<weeps many manly tears>
madsci954 is offline   5 Reply With Quote
Old Jun 13, 2014, 01:24 PM   #22
dugbug
macrumors 6502a
 
Join Date: Aug 2008
So is this only for uiwebkit objects or an actual external (to uiwebkit) api?
__________________
Doodle Dice iOS puzzle game: http://www.dyerware.com/forum/index....pic,194.0.html
The greatest iOS game in the world? Perhaps my friends. Perhaps.
dugbug is offline   0 Reply With Quote
Old Jun 13, 2014, 01:27 PM   #23
mistafro
macrumors member
 
Join Date: Aug 2003
Awesome.
mistafro is offline   1 Reply With Quote
Old Jun 13, 2014, 01:27 PM   #24
coolfactor
macrumors 68000
 
Join Date: Jul 2002
Location: Vancouver, BC CANADA
These credentials are stored in Keychain, not "in Safari". Safari merely stored them in Keychain, but other applications can access them. This is actually a very handy feature, and I hope it comes to OS X, as well.
coolfactor is offline   7 Reply With Quote
Old Jun 13, 2014, 01:32 PM   #25
NightFox
macrumors 68000
 
NightFox's Avatar
 
Join Date: May 2005
Location: Shropshire, UK
Quote:
Originally Posted by Cali Fornia View Post
TouchID and this will be heaven for anyone who hates inserting passworts.
Looking forward to upgrading my iPhone 5 in the fall.
The only trouble with systems that handle the ID/password process automatically behind the scenes is when you lose your passwords, such as accidentally wiping your keychain and because you've not had to type in your passwords for years (or created really good, complex ones) you can't remember what they were!

I can still remember my "Compunet" logon and password from 1986 because I had to type it in every time I went online - but I wouldn't have a clue what my current broadband one is.
__________________
2013 Mac Pro 6x3.5GHz :: MacBook Pro 13" 2.53GHz :: iPad 3 64GB :: iPho... Oh, you've gone.
NightFox is offline   2 Reply With Quote

Reply
MacRumors Forums > News and Article Discussion > MacRumors.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Forum Jump

All times are GMT -5. The time now is 04:01 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC