What is the "Sign in with Apple ID - The password for "<email-address>" needs to be updated" dialog?

I just encountered the dialog below. It looks a bit suspicious to me and I am wondering whether it is an authentical or some scam/virus. It just popped up after I had an issue with my computer running out of (application) space and I had to restart it.

enter image description here


Since Apple stopped selling OS X on DVDs with 10.7 Lion (which was available on a USB drive, but that was a transition concession), Apple has built in the assumption that every Mac has reasonably high speed internet access (it can be brought into an Apple Store for that if necessary) and every user has an Apple ID. macOS as it is now called uses your Apple ID for lots of things: syncing with iCloud, keeping track of what Apps you have purchased/installed from the App Store, keeping track of what music you have purchased from iTunes, and lots more.

In general, macOS does not actually keep track of your Apple ID password. Instead, it uses your Apple ID password from time-to-time to create or update public/private key pairs that it uses for authentication across the internet. Those private keys are stored in your Keychain, which is protected by the login password to your local account on your Mac (and by other things).

It is a complicated system, but it allows you to do things like see which devices are "authorized" for your Apple ID and revoke authorizations for devices, or use Find My Mac to find a lost device in a way that allows you to find your device without even Apple being able to find it without your permission.

In a system like this, sometimes things get out of sync by accident and sometimes on purpose (like when you revoke access for a device). In order to resync, the system will present a dialog like the one in the post. My guess is that the bare bones dialog comes up when some faceless utility has a problem. You get a better dialog from the Apple App Store when it needs your password.

I am very security conscious and also get suspicious about dialog boxes that just pop up and ask for passwords. However, so far I am not aware of an exploit that tries to get your Apple ID password this way, and if the part in quotes is, in fact, the correct email address for the Apple ID for the account I am using, I generally suspect the request to be legitimate. Being naturally curious I try to investigate where it is coming from and why it is needed, but that has been made harder with the Console making it harder to see historical log messages, so I have not been very successful lately.

A reasonable thing to do is, if you have no reason to suspect anything has changed that would cause you to need to refresh your password, just hit cancel the first time it comes up. Perhaps run a virus scan. Perhaps reboot your computer. If you are using Catalina, there is an "Apple ID" preference panel in System Preferences, and that has a "Password & Security" section. Use that to verify everything is good, and fix any issues it informs you about.

If the dialog comes up again after that, I usually go ahead and enter the password. Then again, I monitor iCloud activity and authorized devices, and do not store terribly sensitive or embarrassing stuff in iCloud, plus I have two-factor authentication turned on, so I am not terribly worried about my password being stolen. You have to make your own security versus functionality decision.