iPhone X Does iOS present a sign-in prompt looks like this?

[MacMan988]

I feel like something is not right with this alert. Probably the wordings.
Could app developers steal our passwords this way?

 

[Vermifuge]

Seems legit. I assume you haven't logged into the iTunes App store in a while

 

[nburwell]

I agree that it look legit as well. If you haven't logged into iTunes in awhile, you'll be prompted for your password.

 

[jav6454]

If the OS prompts you, then its good.

 

[akash.nu]

There’s no way of knowing if that alert is triggered by the OS or the app.

My suggestion would be to get out of the app and sign in to your AppStore account / try to download a free app and sign in that way if it asks for your password.

Then kill the app and restart. If that prompt still comes up then there could be something fishy there.

 

[jav6454]

There’s no way of knowing if that alert is triggered by the OS or the app.

My suggestion would be to get out of the app and sign in to your AppStore account / try to download a free app and sign in that way if it asks for your password.

Then kill the app and restart. If that prompt still comes up then there could be something fishy there.

I say it's real from the OS. Only the OS prompts you for a log-in to rate an app.

 

[akash.nu]

I say it's real from the OS. Only the OS prompts you for a log-in to rate an app.

Nope. This can be done within the app. A simple alert like that is easy to implement based on number of launches for example.

Also, can be triggered by a server call easily.

If it’s a OS alert then generally that already contains the Apple ID in the alert box.

 

[jav6454]

Nope. This can be done within the app. A simple alert like that is easy to implement based on number of launches for example.

Also, can be triggered by a server call easily.

If it’s a OS alert then generally that already contains the Apple ID in the alert box.

That I did not know.

 

[chrfr]

I feel like something is not right with this alert. Probably the wordings.
Could app developers steal our passwords this way?

If you enter the wrong Apple ID password, and the password is accepted without error, you'll know that the prompt is trying to steal credentials. I certainly would not trust it.

 

[akash.nu]

That I did not know.

No worries. We all learn something new everyday.

 

[rugmankc]

just sign in with random letters. if a scam it will take it. if not you will prompted to retype pw.

 

[NoBoMac]

I'm guessing fake. There were stories and thread on this board re: developer that came up with a proof of concept for generating fake sign-in prompts.

https://arstechnica.com/information...f-sketchy-ios-popups-that-want-your-apple-id/

Big thing on the OPs example is that the sign-in prompt is not providing the Apple ID information, just password prompt.

ADD: from the article above:

iOS users can protect themselves by doing the following when they encounter a password popup: hit the home button. If the app and password prompt close, the prompt was likely a phishing attempt. If the dialog and app remain visible, the dialog was generated by iOS.

 

[Apple_Robert]

That looks app initiated.

 

[SRLMJ23]

That is fake and a phishing attempt, almost positive. If Apple initiates it, it would already have your Apple ID in the prompt. Put the wrong password in and if it goes away without prompting you again, you will know it was a phishing attempt.

 

[alexmarchuk]

Yeah, type random letters into it and see if it accepts it.

 

[MacMan988]

Thanks for all replies. I tried to get the prompt again but now it doesnt come.