ID.me made me mad

[CMoore515]

Trivial? There's nothing trivial about removing a secure way to log in. It was a stupid decision. It was a royal pain in the ass to get an account set up on id.me too.

ID.me is far more secure than Sign in with (Third Party Provider). Guaranteed. I fail to see how this is a bad thing. You're just complaining to complain at this point, honestly.

 

[Matsamoto]

Why wouldn’t a hide my email address work? It’s just a randomly generated iCloud email address.

I thought this also, untill i didn't.

Yesterday i needed to create a login to one site here in Sweden, carinfo.se, and i used Apple login and hide my mail.
The site didnt't approved that, and said that this is not a real mail, its a fake, and i have to use a real mail.
So my experience is that the hide my own mail on Apple always don't work.
I dont know why it wouldn't work.

 

[nikon1]

No social media company acts as a gatekeeper to someone's world out of the goodness of its heart.

Any “services” you don’t pay for means you / your data is the product.

Google, all (anti)social media — FaceCrook, TikTok and all the others — are living large on collecting as much of your data as they can. Let’s not forget Amazon, WalMart and all the other on-line & brick&mortar retailers.

 

[russell_314]

I thought this also, untill i didn't.

Yesterday i needed to create a login to one site here in Sweden, carinfo.se, and i used Apple login and hide my mail.
The site didnt't approved that, and said that this is not a real mail, its a fake, and i have to use a real mail.
So my experience is that the hide my own mail on Apple always don't work.
I dont know why it wouldn't work.

It’s unfortunate that some corporations are determined to gather and sell customer data. It’s getting harder to avoid it.

I just saw a story about Home Depot using facial recognition on self checkouts to identify customers. This way they can match your face to all of your credit or debit cards. If Home Depot is doing it, I would bet a month salary that Walmart has been doing it for years now

 

[maflynn]

What the hell? Sign in with Apple is secure and convenient! 🤬

Correct me if I'm wrong but ID.ME is about validating someone's identity and using social media poses a risk to ensuring you are who you are - at least that's the rationale behind that I assume. I can see getting and using a specific email address is an option instead of relying on google, apple etc for authentication.

Using apple is convenient, but for a security company they may have issues in the sense they are now trusting another company for security - I'm postulating but it seems to make sense.

 

[Black_Mage]

Correct me if I'm wrong but ID.ME is about validating someone's identity and using social media poses a risk to ensuring you are who you are - at least that's the rationale behind that I assume. I can see getting and using a specific email address is an option instead of relying on google, apple etc for authentication.

Using apple is convenient, but for a security company they may have issues in the sense they are now trusting another company for security - I'm postulating but it seems to make sense.

True. I’m over it now, but it took a few days to calm down.

 

[01cowherd]

Why wouldn’t a hide my email address work? It’s just a randomly generated iCloud email address.

It's not an iCloud address. The Sign in with Apple Hide My Email (<random>@privaterelay.appleid.com) is different from the iCloud+ Hide My Email (<human-readable-random>@icloud.com), and there are more restrictions on the Sign in with Apple ones. The hidden email is associated with an app/website (and thus developer), and only email addresses associated with the developer are allowed to send to that hidden email. This sounds fine, except lots of sites have multiple domains or use mailing services and don't configure things correctly, so sometimes you'll never receive mail from them. Or you have to send email to the site from your registered email (as proof of account ownership), but you can't send mail from these addresses. Honestly, having used Sign in with Apple before, I can't recommend it to anyone who has iCloud+ (or another email alias service) because it's a huge hassle if you ever run into the aforementioned issues.

I guess since it uses Face ID to unlock on your device.

Sign in with Apple requires 2FA enabled on your Apple account. There's plenty of sites that allow social logins (SSO) but don't have 2FA options—though ID me is not one of them, and it's not specific to Sign in with Apple vs other SSO providers.

You can use login.gov to register/login to the US IRS…

Not sure where you can use Login.gov, but to log in to a taxpayer account requires ID.me.

I personally prefer login.gov, as it is an official government (meaning public) service, whereas id.me is some private contractor who can legally do all sorts of stuff with your personal information.

It's also amusing because .me is a country code top-level domain (ccTLD) owned by the Government of Montenegro. In other words, use of the ID.me domain name is reliant on the continued approval of a foreign government. On principle, it should only use a U.S.-managed TLD such as .com, .org, .us etc. for U.S. Government business.

 

[russell_314]

It's not an iCloud address. The Sign in with Apple Hide My Email (<random>@privaterelay.appleid.com) is different from the iCloud+ Hide My Email (<human-readable-random>@icloud.com), and there are more restrictions on the Sign in with Apple ones. The hidden email is associated with an app/website (and thus developer), and only email addresses associated with the developer are allowed to send to that hidden email. This sounds fine, except lots of sites have multiple domains or use mailing services and don't configure things correctly, so sometimes you'll never receive mail from them. Or you have to send email to the site from your registered email (as proof of account ownership), but you can't send mail from these addresses. Honestly, having used Sign in with Apple before, I can't recommend it to anyone who has iCloud+ (or another email alias service) because it's a huge hassle if you ever run into the aforementioned issues.

Leave it to Apple to make it complicated. I actually like to sign in with Apple feature because it makes it easy to sign up for an account without giving out your real email. If I start getting spammed or don’t want that account anymore, I just delete it on my end.

Sign in with Apple requires 2FA enabled on your Apple account. There's plenty of sites that allow social logins (SSO) but don't have 2FA options—though ID me is not one of them, and it's not specific to Sign in with Apple vs other SSO providers.

Yes, it requires 2FA on your Apple account but when you sign onto one of those sites, there’s no 2nd factor unless it’s counting Face ID. The whole 2FA thing has been blurred in my opinion. It used to be an email, text or an authenticator app that’s completely separate from the sign in process. Like a second separate check. Now we have authenticator apps built into the original app you’re signing into so it doesn’t really feel as secure.

Not sure where you can use Login.gov, but to log in to a taxpayer account requires ID.me.

In my opinion, that’s a complete fail. I’m sure ID.me has government agents working for it but still it’s a private company. The IRS should be using a government login.

 

[ifxf]

You should have used the absurd login method created by EFTPS before they went with id.me/login.gov. The Treasury login wasn’t much better. The IRS was supposed to support login.gov but I guess this work was cut this year.