Difference between creating website accounts through Apple versus. Email?

[thomasparra]

Let's you you want to create an account on Reddit, Epic Games, or any other websites. Would you choose to create it through Apple or through the traditional email form process? What are the pros and cons of each? Does this replace 2FA by phone number?

 

[pmiles]

Let's say you use 3 different sites, one for banking, one for shopping, and one for gaming. For convenience, you decide to use the same login credentials for all 3. One of them has a security breach and you are informed to change your login credentials immediately. Now all 3 are compromised instead of just one.

The traditional email process is less convenient, however it allows you to use multiple email addresses across multiple sites... thereby mitigating your potential risk.

There is no bullet-proof approach, both are equally vulnerable, however, convenience usually gives way to susceptibility in the long run. You might get compromised, you might not. It's a gamble with anything put out there on the internet.

It's far easier to dump a compromised email account and replace it with a new one than to change your Apple credentials.

 

[thomasparra]

Let's say you use 3 different sites, one for banking, one for shopping, and one for gaming. For convenience, you decide to use the same login credentials for all 3. One of them has a security breach and you are informed to change your login credentials immediately. Now all 3 are compromised instead of just one.

The traditional email process is less convenient, however it allows you to use multiple email addresses across multiple sites... thereby mitigating your potential risk.

There is no bullet-proof approach, both are equally vulnerable, however, convenience usually gives way to susceptibility in the long run. You might get compromised, you might not. It's a gamble with anything put out there on the internet.

It's far easier to dump a compromised email account and replace it with a new one than to change your Apple credentials.

Got it. I have three questions that are a bit more technical:

i) If I change my AppleID email address at a later stage, I assume there is no need to edit the email adresses in any of the websites where I created an account using the Apple ID method?

ii) It seems that signing with AppleID / linking to AppleID prevents the website from performing 2FA (I assume this is because AppleID has integrated/Invisible 2FA). I did test the email method vs. AppleID on a website and it seems that the AppleID option bypasses the SMS 2FA condition, whereas the email login method always asks for a SMS code.

iii) How does it work when login in on Non Apple devices when the AppleID method was used (e.g. Microsoft, Android, PS5 etc)?

 

[Slartibart]

registering via email offers additionally to use Hide My Email