Power to the people! Google backtracks on forced Chrome logins | Cyber Security


Even the mighty, all-seeing EoG (eye of Google) can’t always predict how its users are going to feel about new features that are so “obviously” cool that they get turned on by default.

Here at Naked Security, we’ve always favoured opt in, where new features really are so nice to have that users can’t wait to enable them, rather than opt out, where users get the choice made for them and can’t wait to find out how to undo it.

So, we weren’t surprised that there was quite some backlash from Google Chrome users when the latest update to the world’s most widely-used browser changed the way that logging in worked.

As we reported earlier this week:

Users were complaining this week after discovering they’d been logged in to Google’s Chrome browser automatically after logging into a Google website.

In the past, by default, logging into Gmail and Chrome were two separate actions – if you fired up Chrome to read your Gmail, you wouldn’t end up logged in to Chrome as well.

You could choose to enable what’s often referred to as single sign-on, but it wasn’t out-of-the-box behaviour.

But Google – surprise, surprise – figured that what it calls “sign-in consistency” would be such a great help (to Google, if not necessarily to you) that it started doing a sort of single sign-on by default, instead of treating your various Google accounts separately.

As you can imagine, or have probably experienced for yourself if you are a Chrome user, that’s a rather serious sort of change to do without asking.