Letting users sign in Updated about 2 hours ago 3 min read

Do my users get a real username and password?

Yes. Your app's users sign in with a real email and password (or social login). OverSkill securely hosts the password setup, storage, and reset for you — so you get battle-tested accounts without building risky login code yourself.

Short answer: yes. Every OverSkill app supports real email + password accounts. Your users create an account with their email and a password, and sign in with those credentials any time. This already works — you don't have to build it.

If you've heard the app builder say something like sign-in only works one way or there's no password field, that's a confusing way of describing something that's actually a good thing. Here's what's really going on.

How sign-in works in your app

When someone clicks Sign up or Log in on your app:

  1. They're taken to a secure OverSkill sign-in screen.
  2. They enter their email and password (or pick a social option like Google or Apple, if you've turned those on).
  3. They're sent right back into your app, signed in.

To your user, it feels like signing into your app — because it is. They get a real account with a real password.

Why OverSkill handles the password part

You might wonder why your app doesn't have its own password box built directly into your app's pages. The reason: storing passwords safely is one of the easiest things in software to get wrong, and getting it wrong is how accounts get hacked.

So instead of every app reinventing password storage, password strength rules, and forgot my password emails, OverSkill does all of that for you, securely, in one place. Your users still get:

  • ✅ A real account with email + password
  • Password reset (forgot password → email link → set a new one)
  • ✅ Password strength rules and secure storage
  • ✅ Optional social login (Google, Apple, GitHub) if you want it too

You get all of that the moment you add sign-in — nothing to configure, nothing to maintain.

What about inviting specific people?

If you're inviting users by email (for example, a private app or a team tool), the flow is:

  1. The person gets your invite email.
  2. They click the link.
  3. They sign in with the invited email address and set up their account (including a password) if they don't have one yet.
  4. They're in — with the access you granted them.

One thing to know: they need to sign in with the same email you invited. If you invite [email protected], Jane signs in as [email protected] to get the access.

So is anything actually missing?

No. The only thing your app doesn't have is a hand-built password box inside your own app's code — and that's on purpose, because OverSkill provides a more secure one for you. Your users get genuine email + password accounts today.

Was this helpful?

Thanks for the signal — it helps us improve the docs.

More in Letting users sign in

Adding social login (Google, Apple, GitHub)

Let users sign in with their existing accounts. One click, no password to remember.

How your app's users sign up

Add a sign-up flow to your app in one prompt. Customize it later. Users can sign up with email or social login.

Restricting access to paid users

Gate parts of your app — or the whole thing — behind a subscription or one-time purchase.

Still need help?

If this didn't answer your question, our team is one click away.

Sign in to open a ticket Back to help center