Ask users to authenticate only in exchange for value, such as personalizing the experience, accessing additional features, purchasing content, or synchronizing data. If your app requires authentication, use Sign in with Apple to give people a simple and secure way to sign in. When you support Sign in with Apple, people get a consistent sign-in experience they can trust and the convenience of not having to remember multiple accounts and passwords.

If you don't use Sign in with Apple, use Password AutoFill. This feature automatically generates and fills in passwords and security codes so people can spend less time on authentication screens. All apps should support this feature. For developer guidance, see Supporting Password AutoFill.

Delay sign-in as long as possible. People often abandon apps when they're forced to sign in before doing anything useful. Give them a chance to fall in love with your app before making a commitment to it. In a shopping app, let people browse your merchandise immediately upon launch, and require sign-in only when they're ready to make a purchase. In a media-streaming app, let people explore your content and see what you have to offer before signing in to play something.

Explain the benefits of authentication and how to sign up for your service. If your app requires authentication, display a brief, friendly explanation on the login screen that describes the reasons for the requirement and its benefits. Also, remember that not everyone using your app has an account from the start. Make sure you explain how to get one, or provide a simple in-app way to sign up.

Minimize data entry by showing appropriate keyboards. When asking for an email address, for example, show the email keyboard screen, which includes helpful data entry shortcuts. For related guidance, see Keyboards. For a complete list of available keyboard types, see the UIKeyboardType constant of UITextInputTraits.

Never use the term passcode. A passcode is used for unlocking the user's iOS device and authenticating with Apple Pay when biometric authentication is disabled.

For Apple Pay authentication design guidance, see Apple Pay.

Face ID and Touch ID

Whenever possible, support biometric authentication. Face ID and Touch ID are secure, familiar authentication methods that people trust. If a user has enabled biometric authentication, you can assume they understand how it works, appreciate its convenience, and prefer to use it whenever possible. Bear in mind that people may choose to disable biometric authentication on their device, so your app should be prepared to handle this scenario.

Screenshot of a lock screen with a Face ID prompt to open Reminders.

Screenshot of a lock screen with both a Touch ID prompt and a passcode prompt to open Reminders.

Present people with a single way to authenticate. It's most intuitive when people don't have to choose how to authenticate. Just give them a single option, like Face ID. Offer alternatives, like asking for a username and password, as fallbacks only if the initial method fails.

Initiate authentication only in response to user action. An explicit action, like tapping a button, ensures that the user wants to authenticate. In the case of Face ID, it also increases the likelihood that the user is facing the camera.

Always identify the authentication method. A button for signing in to your app using Face ID, for example, should be titled "Sign In with Face ID" rather than "Sign In."

Reference authentication methods accurately. Don't reference Touch ID on a device that supports Face ID. Conversely, don't reference Face ID on a device that supports Touch ID. Check the device's capabilities and use the appropriate terminology. For developer guidance, see LABiometryType.

In general, avoid offering a setting for opting in to biometric authentication within your app. If biometric authentication is enabled at the system level, just assume the user wants to use it. If you implement an app-specific setting, the user may get into a state where biometric authentication appears to be enabled in your app when it's really disabled systemwide.

Don't use icons to identify system authentication features. When people see icons that look like the system's Touch ID (thumbprint) and Face ID icons, they think they're supposed to authenticate. Using icons to identify authentication features creates inconsistency and causes confusion, especially when the icons are colorized, displayed at a large size, and presented out of context.

For developer guidance, see Local Authentication.