Understanding Your Apple ID

If you want the short version of this post, here it is: Any time Apple asks you to log in, just enter your Apple ID and password. Buying a song from iTunes? Enter your Apple ID and password. Visiting the Apple Online Store to buy a new Mac? Enter your Apple ID and password. Making a Genius Bar reservation? Enter your Apple ID and password.

There are not separate accounts for iTunes, iCloud, etc. They all share a single account, and that account is known as your Apple ID.

If it’s so easy, then why do some folks find it so confusing? Mostly because Apple hasn’t done a good job of explaining it. Many users don’t realize that every Apple service and online store share a single sign-on.

Any newly created Apple ID must be an email address that does not use an Apple-owned domain. So john.doe@example.com is a valid Apple ID, but john.doe@icloud.com is not. ((Under the old rules, Apple IDs could end in mac.com or me.com, and those users have been grandfathered-in. For technical reasons unknown to me, those are also the only users who may not change their Apple ID.))

When you sign up for an Apple ID, your email address becomes your Apple ID. If you ever change your email address, you will need to change your Apple ID to match the new address.

You can sign up for an Apple ID using any web browser, even on Windows and Linux. But the Mail feature of iCloud can only be set up on a Mac or iOS device. To create an iCloud email address, go to System Preferences and clicks on iCloud:

Choose an iCloud email address

If you set up an iCloud email account (i.e. john.doe@icloud.com), you will now have two email addresses associated with your Apple ID. Apple conveniently accepts either address at any login prompt, but don’t let that confuse you. Even though your Apple ID is now linked to an iCloud address, your Apple ID is still your primary email address.

Making things even more confusing, the iCloud account panel incorrectly labels the email address as an Apple ID. This is just plain wrong.

iCloud account-annotated

Just remember this: your Apple ID is your primary email address. If you enter a new primary email address, you will change your Apple ID, but not your iCloud email address (which cannot be changed).

If you visit the My Apple ID page and click “Manage your Apple ID,” you’ll see something that looks this:

Apple ID manage

As a practical matter, any time you’re prompted for your Apple ID, you can enter either your primary email address or your iCloud.com address. ((If you’ve been around long enough to also have a mac.com or me.com address, those may work too; see this article for details.))

Any questions?

6 thoughts on “Understanding Your Apple ID

  1. This problem is driving me nuts. Why can we not set up an Apple ID that ends in icloud.com? All I get is “Not use a domain see by Apple” no matter what I preface it with. Do they really want me to set up a gmail or some other account first?

    • Yes, they really do want you to have some other email account first. Note that an iCloud account does NOT automatically include an email account. You have to set up an iCloud account first. And then, only if you explicitly request one, can you get an “@icloud.com” address.

      It’s important to have some method of communication apart from an Apple address. If you forget your Apple ID password, or if your password gets stolen, you’ll need some non-Apple address where they can send a password reset. (The technical term is “out of band signaling.”)

    • Yes, your primary email address and your iCloud email address will have separate domains.

      Your iCloud email address will end icloud.com, but your primary email address is NOT allowed to be any address that ends in iCloud.com, me.com, or mac.com.

      In the old days, one could have an Apple ID that ended in mac.com or me.com; users who have those old Apple IDs are permitted to keep them — indeed, they can’t change them even if they want to.

      But it was never possible to create an Apple ID that ends in iCloud.com.

      • Hi Steven, thanks for clarifying – just to be absolutely sure. My primary email address, which is a business address, and my icloud address are separate domains. I have been told by others in the company that the director can view/monitor emails going through that business domain. But should I wish to send through a PRIVATE email then if I do this through icloud she can’t see this – correct?

        • There are three different issues your question raises:
          Is it legal? Is it possible using your work computer? Is it possible if you’re NOT using your work computer?

          In the USA, they can’t legally read your iCloud email. I’m not familiar with the laws in other countries.

          If you’re using your work computer, they can’t read incoming iCloud mail because iCloud encrypts everything between their server and your browser. (If your employer has key-logger software installed on your work computer, it is possible for them to “see” what keys you typed, which would allow them to learn your username & password, and thereby gain access to your entire iCloud account. I’ve never heard of employers doing this, but that doesn’t mean it never happens.)

          If you use your own computer, or your own iPhone or iPad, then you’re almost certainly safe from snooping, even if you’re using your office Wi-Fi to connect. (That’s not to say that it’s impossible; I presume the NSA can do it. But this level of sophistication is certainly beyond the capability of any business IT department with which I’m familiar.)

          I hope this helps.

Comments are welcome. (Please be civil!)