Ask users to authenticate only in exchange for value, such as personalizing the experience, accessing additional features, purchasing content, or synchronizing data. If your app requires authentication, keep the sign-in process quick, easy, and unobtrusive, so it doesn’t detract from the enjoyment of your app.
Use Password AutoFill in all sign-up and sign-in flows. This feature automatically generates and fills in passwords and security codes so people can spend less time on authentication screens. All apps should support this feature. For developer guidance, see Supporting Password AutoFill.
Delay sign-in as long as possible. People often abandon apps when they're forced to sign in before doing anything useful. Give them a chance to fall in love with your app before making a commitment to it. In a shopping app, let people browse your merchandise immediately upon launch, and require sign-in only when they're ready to make a purchase. In a media-streaming app, let people explore your content and see what you have to offer before signing in to play something.
Explain the benefits of authentication and how to sign up for your service. If your app requires authentication, display a brief, friendly explanation on the login screen that describes the reasons for the requirement and its benefits. Also, remember that not everyone using your app has an account from the start. Make sure you explain how to get one, or provide a simple in-app way to sign up.
Minimize data entry by showing appropriate keyboards. When asking for an email address, for example, show the email keyboard screen, which includes helpful data entry shortcuts. For related guidance, see Keyboards. For a complete list of available keyboard types, see the UIKeyboardType constant of UITextInputTraits.
Never use the term passcode. A passcode is used for unlocking the user's iOS device and authenticating with Apple Pay when biometric authentication is disabled.
For Apple Pay authentication design guidance, see Apple Pay.
Face ID and Touch ID
Whenever possible, support biometric authentication. Face ID and Touch ID are secure, familiar authentication methods that people trust. If a user has enabled biometric authentication, you can assume they understand how it works, appreciate its convenience, and prefer to use it whenever possible. Bear in mind that people may choose to disable biometric authentication on their device, so your app should be prepared to handle this scenario.